Running an Ionic app as a PWA on Firebase hosting

BACKGROUND

We have a large Ionic v1 app that runs on Android (by obtaining it from the Google Play Store) and also on our development machines via "ionic serve".

The app uses a Google App Engine (GAE) website as a backend server. The server maintains sessions for each user my means of a cookie. We don't store much data in the session, but we need to securely identify the user making each request. When the app runs successfully, the GAE server code creates a cookie that contains the session ID and sends it back to the Ionic code when responding to each HTTP request.

Note that the Ionic code does not access the cookie in any way. It is only necessary that the same cookie be sent back to the GAE server with each subsequent request so that the GAE code recognizes the user.

THE GOAL

We would like to serve the Ionic code by use of Firebase Hosting. We can in fact do so in both of two modes:

a. Keeping the Ionic code on our dev machine, running "firebase serve", and going to "localhost:5000" on the browser

b. Deploying the Ionic code to the Firebase host and going to "xxxx.firebaseapp.com" on the browser

Everything works! Uh, except for one little thing, which we've been trying to solve for weeks...

THE PROBLEM

The cookie used by the GAE code to manage session continuity, and sent in responses to HTTP requests generated by the GAE code, does not come back in the next request from Ionic app running on Firebase. So the GAE app always responds as though the user is not yet logged in.

WHAT WE'VE ELIMINATED

• The problem is not the fact that Ionic does not support cookies. We know this is not the problem because the app runs fine on Android and also via "ionic serve". In both cases, the GAE backend is able to maintain sessions using a cookie to store the session ID from one request to the next.

• The problem does not get solved by using "memcache" instead of cookies for GAE session support, because even if you use memcache, you still need the cookie for the session ID. If you wish, you can go with the default and let GAE session support use cookies; in that case, it will use the same cookie for both the session ID and any other session data.

• The problem does not get solved by using "__session" as the name of the cookie. Firebase does in fact support using such a cookie name, but apparently only in the context of running Firebase Hosting with Cloud Functions. Cloud Functions are for running backend code, not client code that the user interacts with. We could see no way to make an Ionic app run as a Cloud Function. And without Cloud Functions, the "__session" cookie apparently gets stripped by Firebase Hosting, along with all other cookies.

HELP REQUESTED

Although we'd be interested in any solution you might have (not speculation, but an actual working solution), we think a simple solution would be to somehow get Firebase Hosting to accept the cookie that is sent to it in the HTTP response from the GAE server and send that cookie back to the GAE server in the subsequent request. That, by the way, is the normal way that cookies are used in client/server applications that manage sessions, so it is of course supported by the browser. We feel that it must be Firebase Hosting that is stripping cookies out of the HTTP responses and/or requests.

Any help will be most appreciated.

from Running an Ionic app as a PWA on Firebase hosting