The fetch function does not send cookies by default. There are two possible ways to send cookies:
Only send cookies if the URL is on the same origin as the calling script.
fetch('/login', {
credentials: 'same-origin'
})
Always send cookies, even for cross-origin calls.
fetch('<https://otherdomain.com/login>', {
credentials: 'include'
})