Any guide to setting up nginx reverse proxy for the backend server "not core"? I keep on getting bombarded by cors errors

hey @sdekna - to solve CORS error, you should use a cors middleware for your application - we have docs for this in our quick setup -> backend section.

I am using an express backend with nginx reverse proxy to it. This is my backend code: https://pastebin.com/7dBmP2XC My nginx reverse proxy conf: https://pastebin.com/MJRvxJUZ I am using

supertokens-web-js

. I am getting this error:

Access to fetch at 'https://API-ENDPOINT/signin ($$ or sign up $$)' from origin 'https://FRONTEND-DOMAIN' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

If I make a signup request, it actually registers the user, but I get the above error... In the dashboard I see the new user... and if I try to signup again with the same email, I do get a proper response saying the email is already registered. If I make a signin request I get the error above. For reference, I am using sveltekit in the frontend.

whats the status code of the response in chrome? Also, how have you added the CORS middleware in your express app - is it before or after the supertokens middleware?

ERR_FAILED 502

I added it before the middlewear... you may check the code here: https://pastebin.com/7dBmP2XC

hmm. Does it work without the nginx in front?

yes... but then I have to change everything to

http

instead of

https

right. Im not sure if nginx is doing something to strip away the CORS headers - this, you will have to check on your own since it's out of scope of supertokens really.

sure... any docs or blogs on setting up any reverse proxy to the backend api?

we don't have that. Sorry

many thanks for the help 😄

awesome