Personal-Finance | These are the files that I use to make | Runtime Evironment library

I am working on a personal finance application with a Go back-end (go-fiber framework) and ReactJS front-end.

My authentication method is to return a JWT as a cookie when a user signs in.

The front end sends a sign-in request using fetch, then follows up with another fetch to acquire user data. The fetch calls, as well as the server handler functions, can be found in the Appendix included at the end of this question.

When I test this out, I get a successful sign-in. A Set-Cookie header is returned and I see the cookie in the Response as I would expect it. However, the JWT is not being included as a header in the Request for user data. The handler returns {"status": "unauthorized"} as the parsed JWT is nil.

Why is the JWT not being included in the Request for user data?

Here is the Set-Cookie header, and a screenshot of all the Sign-In Response headers. jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NDY1MTczOTMsImlzcyI6IjE3In0.SDKnxjsVImuVOHw_hnsPX1ZhtS7-_6s8Cqk79SwniCY; expires=Sat, 05 Mar 2022 21:56:33 GMT; path=/; HttpOnly; SameSite=Lax

Sign-In Response Headers

Here is the JWT cookie being returned upon sign-in, and a screenshot of the cookie from Chrome Developer Tools. jwt eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NDY1MTczOTMsImlzcyI6IjE3In0.SDKnxjsVImuVOHw_hnsPX1ZhtS7-_6s8Cqk79SwniCY localhost / 2022-03-05T21:56:33.000Z 195 ✓ Lax Medium

Sign-In Response Cookie

I do not see anything in the "Cookies" section of the Application tab. However, I read somewhere else that I should not expect to see any cookies with httpOnly set to true here.

Application Cookies

I am expecting to see a header called "Cookies" in the user data Request. But I am only seeing these: