dleangen
11/20/2022, 2:16 AMSuperTokens.init(SuperTokensInitConfig);
admin.initializeApp();
const app = express();
const whitelist: string[] = [
websiteDomain,
'http://localhost:4201',
'http://localhost:4202',
'http://localhost:4203',
... etc.
];
app.use(cors({
origin: function(origin, callback) {
if (origin && whitelist.indexOf(origin) !== -1) {
callback(null, true);
} else {
callback(new Error(`Origin ${origin} not permitted due to CORS policy`));
}
},
allowedHeaders: ['content-type', ...SuperTokens.getAllCORSHeaders()],
credentials: true,
}));
app.use(middleware());
app.use(errorHandler());
export default app;
rp_st
11/20/2022, 3:02 AMrp_st
11/20/2022, 3:02 AMrp_st
11/20/2022, 3:02 AMdleangen
11/20/2022, 3:13 AMrp_st
11/20/2022, 3:14 AMrp_st
11/20/2022, 3:23 AMdleangen
11/21/2022, 12:00 AMError: Origin undefined not permitted due to CORS policy
I was wondering if you have advice for this scenario. The only option I can think of is to just disable CORS when testing locally, but that is not my preferred option.nkshah2
11/21/2022, 5:13 AMdleangen
11/21/2022, 5:28 AMnkshah2
11/21/2022, 5:36 AMnkshah2
11/21/2022, 5:36 AM!origin
part should take care of requests to your local server from the browsernkshah2
11/21/2022, 5:49 AMorigin
as an array of strings instead of a functionnkshah2
11/21/2022, 6:03 AMapp.use((req, res, next) => {
if (req.originalUrl.endsWith("/auth/dashboard")) {
req.headers.origin = apiDomain;
}
next();
})
This will set an origin to the request for the dashboard to your api domain. Since the dashboard needs an API key to be accessed this should not be a problem and lets you test your project on local with CORS enablednkshah2
11/21/2022, 6:03 AMdleangen
11/21/2022, 7:23 AMnkshah2
11/21/2022, 7:39 AMdleangen
11/21/2022, 8:56 AMdleangen
11/21/2022, 8:57 AMrp_st
11/21/2022, 9:04 AMdleangen
11/21/2022, 10:09 AMrp_st
11/21/2022, 10:10 AMdleangen
11/21/2022, 10:11 AMrp_st
11/21/2022, 10:11 AM