Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
CORS issue
k
Kranos
04/11/2023, 8:20 PMHey, I've been running my SuperTokens set up from a FastAPI backend in a Docker container on my local machine, with the managed service SuperTokens core. I've just migrated my Docker container to run on AWS and now having problems with logging in, session management etc. The FastAPI endpoint is accessible from my locally hosted front end, but guessing I'm running in to CORs issues or something similar. Any pointers you could give me to track down the problem? Thanks
r
rp
04/12/2023, 5:17 AMhey @Kranos maybe this page will help for CORS issue: https://supertokens.com/docs/thirdpartyemailpassword/troubleshooting/cors-issues
k
Kranos
04/12/2023, 7:20 AMThanks - will have a read. The logs also said I need to set up https as well, so will work my way through it
Hi @rp - two questions having looked through all of this:
1. Should I still set the CORS allow_origins setting to http://localhost:3000 as that's where my front end is running locally or should it be my public IP address?
2. In the log files - I get this message: Exception: Since your API and website domain are different, for sessions to work, please use https on your apiDomain and don't set cookieSecure to false. I'm getting the SSL/TLS certificate sorted but don't know where the cookieSecure setting is to check it?
Thanks
r
rp
04/12/2023, 12:56 PM> Should I still set the CORS allow_origins setting to http://localhost:3000/ as that's where my front end is running locally or should it be my public IP address?
localhost:3000
> In the log files - I get this message: Exception: Since your API and website domain are different, for sessions to work, please use https on your apiDomain and don't set cookieSecure to false. I'm getting the SSL/TLS certificate sorted but don't know where the cookieSecure setting is to check it?
You need to use an apiDomain that starts with
https://k
Kranos
04/12/2023, 1:16 PMGot it - thanks, all working now!