Solution
@cross_origin(methods=['POST'], supports_credentials=True, headers=['Content-Type', 'Authorization'], origin='http://127.0.0.1:5500')
return jsonify({'response': response.json}), 200
return response, 200
@app.route('/user')
@cross_origin(supports_credentials=True)
def get_user():
response = make_response('cookie being retrieved!')
cookie = request.cookies.get('access_token')
return jsonify({'cookie': cookie})
// for logging in a user
fetch('http://127.0.0.1:5000/login', {
headers: {'Authorization': 'Basic ' + btoa(`${username}:${password}`)}, // the values of username and password variables are coming from a simple login form
method: 'POST',
mode: 'cors' // here we specify that the method is CORS meaning that the browser is allowed to make CORS requests
})
.then(res => res)
.then(data => console.log(data))
// for getting the cookies - testing
fetch('http://127.0.0.1:5000/user', {
method: 'GET',
mode: 'cors',
credentials: 'include' // includes cookies, authorization in request headers
})
.then(res => res.json())
.then(msg => console.log(msg))