Hello! I’m running into issues trying to implement a cookie-based authentication in my Ionic 3 app (using crosswalk plugin). After login, the backend set the http header response as:
HTTP/1.1 200 OK Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: * Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Length: 10 Content-Type: application/json; charset=utf-8 Date: Thu, 07 Dec 2017 23:20:57 GMT Expires: Thu, 19 Nov 1981 08:52:00 GMT Pragma: no-cache Server: Microsoft-IIS/7.5 Set-Cookie: SESSIONID=voa911237ta2123hvg2n26l123; path=/ X-Powered-By: ASP.NET
I have read  that when using cookies-based auth with Ionic, and using withCredentials = true in the http post/get call from angular, the backend cannot use
Access-Control-Allow-Origin: * and the only way is to set a list of allowed hosts instead.
Is there any way I can implement this cookies-based auth? or do I need to switch to some token-based auth instead?