Hello, I am building a React app based on React quickstart found here on Auth0 docs .
Login/Logout and token generation/retrieval from backend API works well with google, twitter and email+pwd.
However, when I refresh the page on browser on an already logged user I get a forever “loading…” situation resulting from this line of code (coming from the Auth0 react template)
const { loading} = useAuth0();
// LOADING IS FOREVER TRUE WHEN REFRESHING PAGE ON AUTHENTICATED USER
if (loading) {
return <div>
Loading...
</div>;
}
digging a bit into Auth0 code it seems the problem is caused by retrieving user info from Auth0 servers providing some info retrieved from an Auth0 cookie. Indeed, if I delete the Auth0 cookie from browser the app works again as unauthenticated user, I can then login/logout with no problems, but if I refresh the page it gets stuck on loading again.
Looking at errors in the Chrome console (Firefox gives no error) I found these messages (personal info replaced with placeholders):
A cookie associated with a cross-site resource at https://MY_DOMAIN.auth0.com/ was set without the
SameSite
attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set withSameSite=None
andSecure
. You can review cookies in developer tools under Application>Storage>Cookies and see more details at Chrome Platform Status and Chrome Platform Status.
but, most important, a clear failure retrieving user data from Auth0 here:
Failed to load resource: the server responded with a status of 400 ()
https://MY_DOMAIN.auth0.com/authorize?client_id=MY_CLIENT_ID&redirect_uri=http%3A%2F%2Flocalhost%3A3000&scope=openid%20profile%20email&response_type=code&response_mode=web_message&state=MY_STATE&nonce=MY_NONCE&code_challenge=MY_CODE&code_challenge_method=S256&prompt=none&auth0Client=MY_AUTH0_CLIENT
this could explain the forever loading status, as Auth0 utilities are unable to retrieve user info starting from the cookie. I have checked the params in my control (client_id, my_domain, redirect_url) and they seem ok. The problem seems to be with the cookie.
Anyone can help me discover what’s wrong with the cookie?
Probably I’m missing something trivial but at the moment I can’t solve it on my own, I’d really appreciate any help to speed up my app development.
Thanks