I have created a sign-in in page in which the user enters their email and password. I then take these credentials and pass them server side using a JQuery AJAX call. The server side function then checks the details and if valid will set a session cookie for the user.
The problem I have is that unless I refresh the page the session cookie is not actually recognised on the calling page. Is there any way I can force the http header to update the session cookie without doing the refresh?
The workaround I currently have is that on the AJAX success a simply redirect back to the same page which is effectively a refresh.
The server side script is written in ASP classic but this should not really matter as any server side script language can be used to set the session cookie.
Another solution I am thinking of is to use client side cookies such as
https://github.com/carhartl/jquery-cookie. However I would prefer to keep the cookies set server side.
The only issue I can think of is that if I do set the session client side I will need to pass some IDs back to the server but for security I would have to hash the values rather than use database IDs.