Hi there, I'm getting this error on the react clie...
# support-questions
f
Hi there, I'm getting this error on the react client:
Copy code
Access to fetch at 'https://evt-api-dev.revod.cloud/auth/signinup/code' from origin 'http://localhost:8000' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
evt-api-dev.revod.cloud/auth/signinup/code:1          Failed to load resource: net::ERR_FAILED
even though these are the allowed origins in the nestjs backend:
Copy code
ts
app.enableCors({
    origin: [
      process.env.EVENTVM_BASE_URL,
      'https://studio.apollographql.com',
      'http://localhost:8000',
    ],
    allowedHeaders: ['content-type', ...supertokens.getAllCORSHeaders()],
    credentials: true,
  });
why's so?
r
Im not sure. This doesn't seem to be an issue related to supertokens as such. But normally for cors, I use the
cors
node package like so: https://github.com/supertokens/supertokens-node/blob/master/examples/express/with-thirdpartyemailpassword/index.js#L120
f
@rp it's actually behaving really weird: if I'm using ONLY passwordless recipe it works. It doesn't with the one passwordless + social login
r
You need to init the same recipe on the frontend and backend. Are you doing that?
f
ohhhh that's right... no I am not
thanks
9 Views