Hi guys, how are you?
I'm using Supertokens with ...
# support-questions-legacyc
cavalo limao
04/08/2023, 6:07 PMHi guys, how are you?
I'm using Supertokens with Next.js using this recipe:
npx create-supertokens-app@latest --frontend=next --recipe=thirdpartyemailpassword
Everything works fine locally, but when I deploy it to Vercel with my domain, I get CORS errors.
Access to fetch at 'https://mydomain.com/api/auth/session/refresh' from origin 'https://www.mydomain.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
I've tried to put nextcors on /api/auth/[[...path]].ts
Copy code
await NextCors(req, res, {
methods: ["GET", "HEAD", "PUT", "PATCH", "POST", "DELETE"],
origin: https://www.mydomain.com, (It's the same origin)
credentials: true,
allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()],
}); Copy code
export default async function superTokens(req, res) {
await NextCors(req, res, {
methods: ["GET", "HEAD", "PUT", "PATCH", "POST", "DELETE"],
origin: process.env.APP_URL, // https://www.mydomain.com
credentials: true,
allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()],
});
await superTokensNextWrapper(
async (next) => {
res.setHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate");
await middleware()(req, res, next);
},
req,
res
);
if (!res.writableEnded) {
res.status(404).send("Not found");
}
}