i'm having a bunch of cors issues when following the email password recipes and using https://try.su...

Nick White

08/28/2022, 7:04 AM

i'm having a bunch of cors issues when following the email password recipes and using https://try.supertokens.com as the connectionURI

rp_st

08/28/2022, 7:04 AM

Can I see the browser's console output?

Nick White

08/28/2022, 7:05 AM

sure there are a bunch of different errors and each time i fix one another one appears

Nick White

08/28/2022, 7:05 AM

but i'll show you the current one

Nick White

08/28/2022, 7:06 AM

if you'd like i can do a screenshare and explain over voice as well

rp_st

08/28/2022, 7:09 AM

how have you configured CORS on the backend?

Nick White

08/28/2022, 7:17 AM

so basically my client side is a react app running on https://localhost:3000

rp_st

08/28/2022, 7:17 AM

right

Nick White

08/28/2022, 7:17 AM

and my server side is a node express app running on https://localhost:3001/

Nick White

08/28/2022, 7:17 AM

i've been doing a bunch of junk so it's different now

Nick White

08/28/2022, 7:18 AM

but if i copy the tutorial exactly it doesn't work

Nick White

08/28/2022, 7:19 AM

so if i do this

Nick White

08/28/2022, 7:19 AM

does this look good to you?

rp_st

08/28/2022, 7:20 AM

ok so the issue is that you are querying

http

, but you have set the cors to

https

rp_st

08/28/2022, 7:20 AM

Just change all the http to https

Nick White

08/28/2022, 7:20 AM

where

Nick White

08/28/2022, 7:20 AM

on the client?

rp_st

08/28/2022, 7:20 AM

everywhere

Nick White

08/28/2022, 7:20 AM

so even in cors everywhere http?

rp_st

08/28/2022, 7:21 AM

where you have set https://localhost... make it http://localhost

Nick White

08/28/2022, 7:21 AM

i think ive done that and it will still break

Nick White

08/28/2022, 7:21 AM

but ok ill do that now

rp_st

08/28/2022, 7:21 AM

yup

Nick White

08/28/2022, 7:22 AM

fixed and still broken

rp_st

08/28/2022, 7:22 AM

can i see the cors setting now?

rp_st

08/28/2022, 7:23 AM

and what is the response headers of the OPTIONS request to the /session/refresh endpoint (in the network tab)

Nick White

08/28/2022, 7:24 AM

preflight working though

rp_st

08/28/2022, 7:24 AM

right. Have you put the supertokens middleware before or after the CORS middleware?

Nick White

08/28/2022, 7:25 AM

middleware is before cors

rp_st

08/28/2022, 7:25 AM

make it after CORS

Nick White

08/28/2022, 7:25 AM

ok i think i did that too

Nick White

08/28/2022, 7:25 AM

but 1 sec

rp_st

08/28/2022, 7:25 AM

yup

Nick White

08/28/2022, 7:26 AM

ok so i think cors might be working now

Nick White

08/28/2022, 7:26 AM

but why am i unauthorized?

Nick White

08/28/2022, 7:27 AM

is it because im not logged in?

rp_st

08/28/2022, 7:27 AM

Yes.

rp_st

08/28/2022, 7:27 AM

That’s expected

Nick White

08/28/2022, 7:28 AM

okay so now i look stupid

Nick White

08/28/2022, 7:28 AM

that's literally what the tutorial said..

Nick White

08/28/2022, 7:28 AM

i swear i did the tutorial twice exactly and it didn't work!

Nick White

08/28/2022, 7:29 AM

okay thanks i'm going to try and recreate it 1 more time to make sure there's not something else

rp_st

08/28/2022, 7:30 AM

Haha. Don’t worry about it. Happens to the best of us 🙂

Nick White

08/28/2022, 8:13 AM

just out of curiosity why does websiteBasePath need to have a value?

rp_st

08/28/2022, 8:13 AM

It doesn’t. The default is /auth. Which means that the Login form will show on /auth path.

Nick White

08/28/2022, 8:14 AM

okay i see

rp_st

08/28/2022, 8:14 AM

By setting it to “”, means that the login form will show on localhost:3000/

Nick White

08/28/2022, 8:14 AM

okay yeah that's what i would want okay perfect

Previous Next

SuperTokens.com

SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).