Express-session Secure Cookies not working

Question

When not using secure cookie true setting, my app user login works fine. When I enable secure cookies, the login appears to go through fine, but it seems the cookie is not s

Answer 1

The combination of settings that worked for me:

• Inside the nginx server configuration, add proxy_set_header X-Forwarded-Proto $scheme;

• Inside the express-session configuration:

  server.use(
    session({
      proxy: true, // NODE_ENV === 'production'
      cookie: {
        secure: true, // NODE_ENV === 'production'
      },
      // everything else
    })
  );