funk101
06/02/2022, 5:18 AMAccess to fetch at 'https://www.finicky.pet/api/auth/session/refresh' from origin 'https://staging.finicky.pet' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://www.finicky.pet' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
nkshah2
06/02/2022, 5:21 AMfunk101
06/02/2022, 5:22 AMexport const appInfo = {
// learn more about this on https://supertokens.com/docs/emailpassword/appinfo
appName: "finicky.pet-v4",
apiDomain: process.env.NEXT_PUBLIC_HOST,
websiteDomain: process.env.NEXT_PUBLIC_HOST,
apiBasePath: "/api/auth",
websiteBasePath: "/auth",
};
nkshah2
06/02/2022, 5:23 AMfunk101
06/02/2022, 5:24 AMnkshah2
06/02/2022, 5:25 AMfunk101
06/02/2022, 5:25 AMnkshah2
06/02/2022, 5:29 AMfunk101
06/02/2022, 5:30 AMnkshah2
06/02/2022, 5:30 AMfunk101
06/02/2022, 5:32 AMnkshah2
06/02/2022, 5:32 AMfunk101
06/02/2022, 5:33 AMnkshah2
06/02/2022, 5:34 AMfunk101
06/02/2022, 5:35 AMnkshah2
06/02/2022, 5:35 AMfunk101
06/02/2022, 5:35 AMnkshah2
06/02/2022, 5:35 AMfunk101
06/02/2022, 5:38 AMnkshah2
06/02/2022, 5:38 AMfunk101
06/02/2022, 5:39 AMnkshah2
06/02/2022, 5:40 AMfunk101
06/02/2022, 5:40 AMResponse to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://www.finicky.pet' that is not equal to the supplied origin.
nkshah2
06/02/2022, 5:40 AMfunk101
06/02/2022, 5:40 AMnkshah2
06/02/2022, 5:41 AMfunk101
06/02/2022, 5:42 AMnkshah2
06/02/2022, 5:43 AMhttps://www.finicky.pet
and not staging.finicky.pet
funk101
06/02/2022, 5:43 AMnkshah2
06/02/2022, 5:44 AMfunk101
06/02/2022, 5:45 AMnkshah2
06/02/2022, 5:46 AMwebsiteDomain
you pass to SuperTokens.initfunk101
06/02/2022, 5:46 AMnkshah2
06/02/2022, 5:47 AMfunk101
06/02/2022, 5:48 AMnkshah2
06/02/2022, 5:49 AMfunk101
06/02/2022, 5:53 AMexport default async function superTokens(req, res) {
// NOTE: We need CORS only if we are querying the APIs from a different origin
await NextCors(req, res, {
methods: ["GET", "HEAD", "PUT", "PATCH", "POST", "DELETE"],
origin: process.env.NEXT_PUBLIC_HOST,
credentials: true,
allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()],
});
await superTokensNextWrapper(
async (next) => {
await middleware()(req, res, next);
},
req,
res
);
if (!res.writableEnded) {
res.status(404).send("Not found");
}
}
supertokens.init(backendConfig());
Status
500
Internal Server Error
VersionHTTP/2
Transferred424 B (0 B size)
Referrer Policystrict-origin-when-cross-origin
rp
06/02/2022, 5:59 AMawait superTokensNextWrapper(
async (next) => {
await middleware()(req, res, next);
},
req,
res
);
And log the error?funk101
06/02/2022, 6:01 AMrp
06/02/2022, 6:03 AMfunk101
06/02/2022, 6:04 AMrp
06/02/2022, 6:04 AMfunk101
06/02/2022, 6:04 AMrp
06/02/2022, 6:05 AMprocess.env.NEXT_PUBLIC_HOST
?funk101
06/02/2022, 6:05 AMrp
06/02/2022, 6:06 AMfunk101
06/02/2022, 6:07 AMrp
06/02/2022, 6:08 AMNEXT_PUBLIC_HOST
correctly, it should workfunk101
06/02/2022, 6:08 AMrp
06/02/2022, 6:08 AMfunk101
06/02/2022, 6:10 AMrp
06/02/2022, 6:10 AMfunk101
06/02/2022, 6:10 AMrp
06/02/2022, 6:11 AMfunk101
06/02/2022, 6:11 AMrp
06/02/2022, 6:11 AMfunk101
06/02/2022, 6:11 AMrp
06/02/2022, 6:12 AMfunk101
06/02/2022, 6:12 AMrp
06/02/2022, 6:13 AMprocess.env.NEXT_PUBLIC_HOST
? You should see that console log on the browser consolefunk101
06/02/2022, 6:13 AMreactStrictMode: true
rp
06/02/2022, 6:13 AMfunk101
06/02/2022, 6:14 AMrp
06/02/2022, 6:17 AMNEXT_PUBLIC_HOST
is correct - print it out on the browser console to make surefunk101
06/02/2022, 6:17 AMrp
06/02/2022, 6:18 AMfunk101
06/02/2022, 6:18 AMrp
06/02/2022, 6:19 AM