"Payload has transformed the way our clients manage content. It's an indispensable tool for any modern agency."
Get the resources you need to start building today
Microsoft chose Payload to tell the world about AI.
Login Local API res object
Hi, I've looked at the docs where it says
res: res, // used to automatically set an HTTP-only auth cookie.
So I wrote the following login function in a server action:
export async function onLoginSubmit(values) {
let req = new Request('http:localhost:3000/api/users/login');
let res = new Response();
const result = await payload.login({
collection: 'users',
data: values,
req: req,
res: res
})
return result
}.
However this hasn't correctly set the http-only cookie. Can anyone help explain why. I have a feeling I haven't managed
rescorrectly?
resshould be passed to you by Payload (check function arguments), you should not create it yourself
Sorry I'm probably being a bit daft. How does payload provide res to me?
If you mean the function arguments of
onLoginSubmit, I wrote that function myself, and where I call it from has no way of accessing payload (is a client-side component)?
How is the function supposed to be invoked?
Login button in client component calls
onLoginSubmitwhich is a server action
I guess I could just do REST login in client, but surely local api is the better way to do it?
You don't have access to
payloadin a client component
Sorry am I missing something. You can't use payload in a client component right?
Nope
Yep, hence why the server action.
- https://payloadcms.com/docs/authentication/operations
this is the rest API for logging in, I presume this is for the frontend?
Yes frontend login.
hmm so the flow is 1) you have a login button that triggers a server action; 2) the server action logs the user in and sets the cookie?
Ideally yes. In reality no cookie is set.
I think if you're in a server action context you'll need to call
cookies()manually from nextjs
Does cookies work with http-only?
IE could read it
Ok sure. So the plan would be, make the request in server actions, I will recieve a response from payload with the http-only cookie. And then I use this next.js function to read the cookie and move it onto the client side?
oh, you
canuse local API in the server action if your payload app is the same app as the frontend, you call
getPayload()to get a copy of payload, then use
payload.login()
https://payloadcms.com/docs/local-api/overview#loginjust that iirc you need to take care of actually setting the cookie
Ok thanks, I'll give it a go and lyk whether it works!
https://github.com/payloadcms/payload/issues/9829export type Options<TSlug extends CollectionSlug> = { collection: TSlug; context?: RequestContext; data: AuthOperationsFromCollectionSlug<TSlug>['login']; depth?: number; fallbackLocale?: string; locale?: string; overrideAccess?: boolean; req?: Partial<PayloadRequest>; showHiddenFields?: boolean; };
@114557048678514693The Local API for
login: it does NOT have a
resfield...,
So how can I set the cookie automatically? The documentation is wrong?
Edit:
Yes I can use the Local API and write the cookie like this:
const cookieStore = await cookies() cookieStore.set({ name: 'payload-token', value: result.token, httpOnly: true, secure: process.env.NODE_ENV === 'production', path: '/', sameSite: 'strict', })but the docs is just not correct.
yeah they should fix it
Star
Discord
online
Get dedicated engineering support directly from the Payload team.