Unable to verify authorization request state NodeJs + Heroku

Help
, , , ,
1

Good evening, I have been trying to solve the authentication problem using Heroku as a development environment for more than 48 hours and I have not been able to find the solution, I have read the discussions generated by this space, also in stackoverflow but I still do not find the solution, you I present how I have my express-session configured

const sess = {
    secret: config.JWT_KEY,
    cookie: {},
    resave: false,
    saveUninitialized: true
  };
  if (server.get('env') === 'production') {
    server.set('trust proxy', 1);
    sess.cookie.secure = true;
  }
  server.use(session(sess));

I have made several variations of the configuration activating and deactivating options and parameters, changing the order in which the values are assigned, I am a bit tired and it is increasingly difficult to find the answer I am looking for.

At all times it throws me the error:

{"message":"Unable to verify authorization request state."}

And of course the user in false

2

I’m running into the same issue myself…Did you ever manage to fix it?

3

I’ve solved the problem on my end. First of all, make sure to add the following to your express configuration:

if (app.get('env') === 'production') {
    app.set('trust proxy', 1); // trust first proxy
}

I assume here your NODE_ENV is ‘production’.

Second of all, for those running an Apache reverse proxy, or want an example of working cookie/session settings, check out my answer on how to get it working here: https://stackoverflow.com/a/67891167/8221175