```java from origin 'http://localhost:8080' has be...
# support-questions-legacy
a
Copy code
java
from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled
How can i fix this?
Copy code
php
        if ($request_method ~* "(GET|POST)") {
              add_header "Access-Control-Allow-Origin" "http://localhost:8080";
            add_header "Access-Control-Allow-Headers" "fdi-version, rid";
        }

        # Preflighted requests
        if ($request_method = OPTIONS ) {
              add_header "Access-Control-Allow-Origin" "http://localhost:8080";
              add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS, HEAD";
            add_header "Access-Control-Allow-Credentials" "true";
              add_header "Access-Control-Allow-Headers" "fdi-version, rid";
              return 200;
        }
r
hey @Aithusa
Whats the response from the OPTIONS API call? I wanna see the response headers.
a
General
Copy code
Request URL: -
Request Method: OPTIONS
Status Code: 204 No Content
Remote Address: -
Referrer Policy: strict-origin-when-cross-origin
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 02 Nov 2022 14:46:47 GMT
Connection: keep-alive
Response
Copy code
Access-Control-Allow-Origin: http://localhost:8080
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,rid,fdi-version
Content-Length: 0
Request
Copy code
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Access-Control-Request-Headers: content-type,fdi-version,rid
Access-Control-Request-Method: POST
Connection: keep-alive
Host: 147.182.217.229
Origin: http://localhost:8080
Referer: http://localhost:8080/
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36 Edg/107.0.1418.26
r
And the POST response?
Also, have you considered using a cors midldeware library instead of manually adding these headers?
a
Thats for the post request
r
The response headers in the post request should also have the access-control-allow-origins header
You should use a cors middleware library instead of doing this manually
a
How would I do that?
r
See our backend setup section in the docs. It has a section about cors
Or google how to setup cors for your framework. There would be lots of tutorials
a
I keep getting 404 not found, does this look right?
Copy code
javascript
import express from "express";
import cors from "cors";
import supertokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";
import EmailPassword from "supertokens-node/recipe/emailpassword";
import { errorHandler, middleware } from "supertokens-node/framework/express";

let app = express();
supertokens.init({
    framework: "express",
    supertokens: {
        connectionURI: "http://wheremysupertokensishosted/api",
    },
    appInfo: {
        appName: "appname",
        apiDomain: "http://wheremysupertokensishosted/api",
        websiteDomain: "http://localhost:8080",
        websiteBasePath: "/auth",
    },
    recipeList: [
        EmailPassword.init(), // initializes signin / sign up features
        Session.init() // initializes session features
    ]
});

app.use(cors({
    origin: "http://localhost:8080",
    allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()],
    credentials: true,
}));

// IMPORTANT: CORS should be before the below line.
app.use(middleware());
app.use(errorHandler())

app.listen(3000)
// ...your API routes
r
can you enable backend debug logs to show me its output when you call the API?
a
Never mind, I think I figured out what I was doing wrong
r
sounds good!
a
After logging in whenever I go to /auth it automatically redirects me, how would I reset this so I can test the login screen?
r
Call the signOut function
a
I'm getting 404 error for signout
I'm not getting 404 for signin
Copy code
javascript
import Session from "supertokens-web-js/recipe/session";

async function signout() {
  await Session.signOut(); 
  window.location.href = "/auth"
  console.log("[Auth] User signed out")
}
r
have you done session.init on the backend?
also, can you enable backend debug logs and show me the output when you call signOut function?
a
Its working now after I waited for some time, I didn't even change anything
r
hmm. Thats odd
a
With email confirmations and password resets, is there a limit to how emails we are allowed to send?
r
no limits
a
Is it possible to mask the email domain without hosting my own smtp server?
r
That’s not possible. If you want to send emails with your own domain; you have to use your email provider’s SMTP setting. Or then use a service like mailchimp
2 Views