How to send JWT token with fetch and cors to an Express server in Authorization headers?
Finally figured it out. Cutting to the chase - it won't work because for the browser to send the Authorization header it needs to have mode: 'no-cors'
but if you remove mode: no-cors then fetch() won't even try sending the request from localhost but will work fine if I upload bundle.js to the server. Also you need to set credentials to same-origin if you want to send cookies, by default in fetch() credentials is set to omit.
So a workaround for this would be to use webpack's dev proxy so you use your server rather than localhost.