express-session won't persist and won't send a cookie to the browser

FIX UPDATE:the problem was that the credentials init options weren't set on the fetch API.

the correct code should be written like this:

// this is the React-Redux login action on the client sideexport const fetchUser = (userData) => dispatch => {fetch("http://localhost:3000/login", {    method: 'POST',    headers: { 'content-type': 'application/json' },    credentials: "include",    body: JSON.stringify(userData)}).then(response => response.json())    .then(user =>        dispatch({            type: FETCH_USER,            payload: user        })    );};

also, in the CORS settings, a wildcard ('*') cannot be used as the 'Access-Control-Allow-Origin'. Instead, it needs the origin address which in my case was http://localhost:3001.

//this is the main app.js file in node.jsapp.use((req, res, next) => {res.header('Access-control-Allow-Origin', 'http://localhost:3001');res.header(    "Access-Control-Allow-Headers",    "Origin, X-Requested-With, Content-Type, Accept, Authorization");res.header('Access-Control-Allow-Credentials', true);if (req.method === 'OPTIONS') {    res.header('Access-Control-Allow-Methods', 'PUT, POST, PATCH, DELETE, GET');    return res.status(200).json({});}next();});

In retrospect, I have already figured this out in a relatively early stage. but unbeknownst to me, resetting nodemon wasen't enough after making those changes.a manual server shutdown was needed for the changes to take place.