How does nodejs do the right authentication in the middle layer

  node.js, question

I am now making a react-based Single page application, using nodejs as the middle layer of the application. The front end interacts with nodejs layer through superagent, while nodejs interacts with the data layer through superagent. However, I am a little tangled in logging in. Because nodejs is separated from the middle, all interactions are asynchronous. So how can the cookie or token generated in the background be received by the front end after logging in successfully? Nodejs should not directly return all the things res responded by the data layer to the front end without processing anything, including the response header or something, so if so, do you want to manually extract the session id or token or something in the nodejs layer and set it as the response header of the front end? If not, how will it be solved?

In principle, it should be used

.set('Set-Cookie', 'xxxxxx')

Set cookie.

Superagent has not been used for your reference.