SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

image

Hello,
i'm having an issue with the integration to NestJs. I'm getting a blank (white) screen when i try to load the dashboard... Everything seems to work fine when i call the signup api from postman though...

Any ideas please?...

hey <@470660410341589012> have a look at this: https://supertokens.com/docs/userdashboard/about#content-security-policy

hey, thanks for the link...
but where do i add this please?...

however you are adding to the the CSP header in the first place. That middleware / lib should have a way

i'm not sending the header at all...i'm working with the default setup...
```
 app.enableCors({
    origin: [WEBSITE_DOMAIN, 'http://localhost:7000', 'http://localhost:4321'],
    allowedHeaders: ['content-type', ...supertokens.getAllCORSHeaders()],
    credentials: true,
  });
```

hey, got it fixed by doing this...
```
app.use(
    helmet({
      contentSecurityPolicy: {
        directives: {
          scriptSrc: [
            "'self'",
            "'unsafe-inline'",
            "'unsafe-eval'",
            'https://cdn.jsdelivr.net/gh/supertokens/',
          ],
          imgSrc: [
            "'self'",
            'data:',
            'https://cdn.jsdelivr.net/gh/supertokens/',
          ],
        },
      },
    }),
  );
```

still not sure why this was needed in my project, since the sample app works without this ...

cause the sample app doesn't have contentSecurityPolicy

i see...meaning as long as i'm importing helmet in my project, this has to be configured...got it...
thanks a lot...😄