DEV Community

Discussion on: Password-based authentication with GraphQL and Passport

Collapse
 
jkettmann profile image
Johannes Kettmann

Thanks a lot! First of all, it depends on whether or not you're using cookies to store the session id. express-session as we use it in the article works with cookies. In that case, you need the credentials header.

Depending on whether or not your frontend and backend are running on the same domain you might also use same-origin instead. Have a look here for all options.