Login not working on Safari / iOS (solved)

[monsieurnebo]

Hello,

The app login is not working on desktop Safari and iOS devices.

The issue

The first query (logIn) is sending the email / password as expected, but is not setting the auth cookie as it should do:

{
    "operationName": "logIn",
    "variables": {
        "login": "email@address.com",
        "password": "password"
    },
    "query": "mutation logIn($login: String!, $password: String!) {\n  loginWithCookies(input: {login: $login, password: $password}) {\n    status\n    __typename\n  }\n}\n"
}

As a consequence, the second query (getUser) is returning the following response:

    "data": {
        "viewer": null
    },

The solution

This is because Apple doesn't allow cross-site cookies (related StackOverFlow thread)

The short-term solution is to disable this option from Safari settings:

Safari > Settings > Site tracking > Prevent Cross-Site Tracking.

It will allow you to use the app, but it won't fix the issue for all other Safari / iOS users...

The long-term solution is to host both the WordPress (back-end) & the webapp (front-end) on the same domain (e.g. each one on a different sub-domain).

---

Related to:
#1
#2
#3

CC @kellenmace

[monsieurnebo]

@kellenmace I created a PR to add a warning about this in the Readme.

[kellenmace]

Thanks for the info, Cyril. I have merged in the PR to let other developers know about the shortcoming of this approach in Safari.