Short version: my JWT token is not surviving a refresh when pointing to a domain behind CloudFront.
Not sure if this is best posted here or on Stack Overflow, but since I think I've isolated the problem to AWS CloudFront, I thought I'd start here.
My setup:
- Route 53 DNS settings point to CloudFront distribution
- 1 CloudFront behavior takes api/* traffic and sends it to ELB EC2 instance hosting Node/Express app
- 1 CloudFront behavior takes default traffic and sends it to S3 bucket where Vue single page app files live
- Node/Express app is using Passport.js for authentication with JWT strategy
- Elastic Beanstalk
On my local, everything is perfect. When I run on my staging site, and visit my profile page, all user data fills in the appropriate fields. When I refresh the page, something happens with the JWT token and all user data is lost. This is happening on other pages behind authentication as well.
Instead of pointing my API calls to staging (which is behind CloudFront), I tried pointing my API directly to my EC2 instance and everything worked perfectly.
So, with the problem isolated to CloudFront, what do I need to do (do I need to forward certain headers) in order for the JWT token to be passed successfully each time?
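
One way to test the header-forwarding question from the origin side, as an added example that is not part of the original post: Express-style middleware that records whether an `Authorization` header reached the Node app and what the token's `exp` claim says, without writing the token itself to the logs. The names `describeAuthHeader` and `authHeaderProbe` are hypothetical, the code assumes the client sends the JWT as `Authorization: <scheme> <token>`, and the sample headers are constructed.

```javascript
// Added diagnostic, not code from the original post. All names are hypothetical.
// Summarise the Authorization header the origin received; never log the raw token.
function describeAuthHeader(headers, nowSec = Math.floor(Date.now() / 1000)) {
  const via = headers['via'] ?? null;      // set when an intermediary adds a Via header
  const raw = headers['authorization'];    // Node lower-cases incoming header names
  if (raw === undefined) {
    return { present: false, via, reason: 'no Authorization header reached the origin' };
  }
  const m = /^(\S+)\s+(\S+)$/.exec(raw.trim());
  if (!m) return { present: true, wellFormed: false, via, reason: 'not "<scheme> <token>"' };
  const [, scheme, token] = m;
  const parts = token.split('.');
  if (parts.length !== 3) {
    return { present: true, scheme, wellFormed: false, via, reason: 'token is not three segments' };
  }
  let claims;
  try {
    // Decode the payload only to read exp; the signature is NOT verified here.
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
    if (typeof claims !== 'object' || claims === null) throw new Error('not an object');
  } catch {
    return { present: true, scheme, wellFormed: false, via, reason: 'payload is not base64url JSON' };
  }
  const exp = typeof claims.exp === 'number' ? claims.exp : null;
  return { present: true, scheme, wellFormed: true, via, exp,
           expired: exp === null ? null : exp <= nowSec };
}

// Express-style middleware: mount it ahead of the authentication middleware on the
// api/* routes, then compare the log lines for a direct request and one via the CDN.
function authHeaderProbe(req, res, next) {
  console.log(JSON.stringify({ method: req.method, path: req.url,
                               auth: describeAuthHeader(req.headers) }));
  next();
}

// Constructed sample data: a token-shaped string with a placeholder signature.
const b64 = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
const SAMPLE_TOKEN =
  `${b64({ alg: 'HS256', typ: 'JWT' })}.${b64({ sub: 'user-1', exp: 2000000000 })}.constructed-sig`;
const SAMPLE_DIRECT = { host: 'origin.example', authorization: `Bearer ${SAMPLE_TOKEN}` };
const SAMPLE_VIA_PROXY = { host: 'origin.example', via: '1.1 proxy.example' }; // header absent
```

If the direct request logs `present: true` and the same request through the distribution logs `present: false`, the header is being dropped before it reaches the app; remove the probe once the comparison is done.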