Update axios public client to set withCredentials

Author: daveearley

backend/app/Services/Infrastructure/Session/CheckoutSessionManagementService.php

@@ -2,6 +2,7 @@
 
 namespace HiEvents\Services\Infrastructure\Session;
 
+use Illuminate\Config\Repository;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Cookie;
 use Illuminate\Support\Str;
@@ -14,7 +15,8 @@ class CheckoutSessionManagementService
     private ?string $sessionId = null;
 
     public function __construct(
-        private readonly Request $request,
+        private readonly Request    $request,
+        private readonly Repository $config,
     )
     {
     }
@@ -43,6 +45,7 @@ public function getSessionCookie(): SymfonyCookie
         return Cookie::make(
             name: self::SESSION_IDENTIFIER,
             value: $this->getSessionId(),
+            domain: $this->config->get('session.domain') ?? '.' . $this->request->getHost(),
             secure: true,
             sameSite: 'None',
         );

backend/config/cors.php

@@ -19,7 +19,7 @@
 
     'allowed_methods' => ['*'],
 
-    'allowed_origins' => [env('CORS_ALLOWED_ORIGINS', '*')],
+    'allowed_origins' => explode(',', env('CORS_ALLOWED_ORIGINS', '*')),
 
     'allowed_origins_patterns' => [],
 

frontend/src/api/public-client.ts

@@ -2,7 +2,9 @@ import axios from "axios";
 import {isSsr} from "../utilites/helpers";
 import {getConfig} from "../utilites/config";
 
-export const publicApi = axios.create();
+export const publicApi = axios.create({
+    withCredentials: true,
+});
 
 const existingToken = typeof window !== "undefined" ? window?.localStorage?.getItem('token') : undefined;