SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Hello, I'm getting a CORS Missing Allow Origin along with NS_ERROR_DOM_BAD_URI when calling the signin endpoint from my custom UI and can't figure out what I'm doing wrong (More details in the thread)

My login page is on `http://localhost:5173/login` and the backend is running on `http://localhost:4000`

Frontend code:
```js
SuperTokens.init({
  appInfo: {
    apiDomain: 'http://localhost:4000',
    apiBasePath: "/auth",
    appName: "MyApp",
  },
  recipeList: [
    Session.init(),
    ThirdPartyEmailPassword.init(),
  ],
  enableDebugLogs: !!import.meta.env.VITE_SUPERTOKENS_DEBUG,
});
```
and
```js
emailPasswordSignIn({
      formFields: [{
        id: "email",
        value: formData.email
      }, {
        id: "password",
        value: formData.password
      }]
    })```

Backend code:
```go
apiBasePath := "/auth"
websiteBasePath := "/login"
err := supertokens.Init(supertokens.TypeInput{
        Debug: env.SuperTokensDebug != "",
        Supertokens: &supertokens.ConnectionInfo{
            // https://try.supertokens.com is for demo purposes. Replace this with the address of your core instance (sign up on supertokens.com), or self host a core.
            ConnectionURI: "https://my-instance.aws.supertokens.io",
            APIKey:        "my-api-key",
        },
        AppInfo: supertokens.AppInfo{
            AppName:         "MyApp",
            APIDomain:       "http://localhost:4000",
            WebsiteDomain:   "http://localhost:5173",
            APIBasePath:     &apiBasePath,
            WebsiteBasePath: &websiteBasePath,
        },
        RecipeList: []supertokens.Recipe{
            thirdpartyemailpassword.Init(&tpepmodels.TypeInput{
                Providers: []tpmodels.ProviderInput{
                    {
                        Config: tpmodels.ProviderConfig{
                            ThirdPartyId: "google",
                            Clients: []tpmodels.ProviderClientConfig{
                                {
                                    ClientID:     env.GoogleClientID,
                                    ClientSecret: env.GoogleClientSecret,
                                },
                            },
                        },
                    },
                },
            }),
            dashboard.Init(),
        },
    })```

and
```go
type Server struct {
    Router *chi.Mux
}

func (s *Server) MountHandlers() {
    // CORS
    s.Router.Use(cors.Handler(cors.Options{
        AllowedOrigins: []string{"http://localhost:5173"},
        AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
        AllowedHeaders: append([]string{"Content-Type"},
            supertokens.GetAllCORSHeaders()...),
        AllowCredentials: true,
    }))

    // Middlewares
    s.Router.Use(supertokens.Middleware)
}```

image

can you try this method instead: https://github.com/supertokens/supertokens-golang/blob/master/examples/with-chi/main.go#L161

Got it, thanks for the help. I guess the issue is somewhere else then

Quick question, if my login page is at `http://localhost:5173/login`, then `websiteBasePath := "/login"` is correct, right?

Or is is supposed to be `websiteBasePath := "/"`

Figured it out, I needed to add the session recipe in the backend