https://supertokens.com/ logo
Channels
Powered by
#support-questions
Title
# support-questions
c

codingtomato

07/05/2022, 10:42 AM
Do you have any experience on using SuperTokens behind cloudflare with a reverse proxy? My problem is that somehow my cors origins dont get passed even though I defined them
r

rp

07/05/2022, 10:43 AM
Hey! There shouldn't be anything special that you need to do for it. Are you facing an issue?
oh right.. that sounds like a config issue
will have to investigate
this works without cloudflare?
c

codingtomato

07/05/2022, 10:46 AM
in the localnetwork no because there is no ssl
between the proxy and the backend docker
But with my api tester it works locally but not over the domain
r

rp

07/05/2022, 10:47 AM
have you added cors middelware after or before the supertokens middleware?
c

codingtomato

07/05/2022, 10:48 AM
After
want me to try the other way around?
r

rp

07/05/2022, 10:55 AM
yea. Please add it before
and then try it
c

codingtomato

07/05/2022, 10:56 AM
like that?
Same Issue.. 😦
I have the same issue now locally too
r

rp

07/05/2022, 11:08 AM
oh sorry, i meant it should be before the ST middleware is addeed
So given that previously this error happed when behind cloudflare, can I see the response from the OPTIONS API call?
Does it have the list of access control allowed origin as per your config? Or is the list totally missing in the response? Or has it just stripped away localhost?
c

codingtomato

07/05/2022, 11:49 AM
access-control-allow-origin: http://localhost:3000
should be correct isnt it?
r

rp

07/05/2022, 11:50 AM
yea. that does seem fine
The one thing is that it's all small caps - "access-control-allow-headers". Maybe that's causing the issue? Not sure
c

codingtomato

07/05/2022, 11:56 AM
Im not sure why its setting it with small caps
r

rp

07/05/2022, 11:59 AM
does that happen without cloudflare too?
c

codingtomato

07/05/2022, 12:00 PM
No there it is normal
r

rp

07/05/2022, 12:00 PM
right yea.. so maybe google how to fix this
c

codingtomato

07/05/2022, 12:01 PM
i will take a look
thank you so much for your help so far
Is it better to use the web-library? I am useing the supertokens-website package
And i only get the error with the login request
Preflight works fine
r

rp

07/05/2022, 1:28 PM
you can use the web-js live yea. But i doubt it will solve this issue
c

codingtomato

07/05/2022, 1:28 PM
signing up also works
just the login wont work
i discovered that if i remove the Content-Type it resolves but says 
Missing input param: formFields
r

rp

07/05/2022, 1:29 PM
that's very strange
can i see how you are making the request?
And how you are making the sign up request too
c

codingtomato

07/05/2022, 1:30 PM
The signup only via insomnia.. my api tester
ok signup also doesnt work... sorry just if i try to create a user thats already created
r

rp

07/05/2022, 1:33 PM
yea this is a CORS issue.. it will only happen in the browser
c

codingtomato

07/05/2022, 1:36 PM
could the cookieSameSiteThing be the issue?
r

rp

07/05/2022, 1:37 PM
not really
if this works without cloudflare, then maybe reach out to their support for this.
c

codingtomato

07/05/2022, 1:58 PM
its the same thing if i connect without cloudflare
via my dyndns
r

rp

07/05/2022, 1:59 PM
Can you remove the 
capacitor://
URLs from the origin array and see what happens?
c

codingtomato

07/05/2022, 2:01 PM
nothing changed unfortuneatlly
r

rp

07/05/2022, 2:01 PM
hmm
What is the response header when you call the sign in API?
it gives a 502
why does it do that?
something else is making it return that
Can you call the sign in API and enable backend debug log?
c

codingtomato

07/05/2022, 2:03 PM
from the core or my backend
r

rp

07/05/2022, 2:03 PM
I suspect that it doesn't even reach our middleware, and something before that is throwing an error. Maybe some other middleware
backend debug logs
c

codingtomato

07/05/2022, 2:05 PM
i think you could be right...
r

rp

07/05/2022, 2:06 PM
so here it returns 200. Did you call this from the browser?
c

codingtomato

07/05/2022, 2:06 PM
no from insomnia...
in insomnia it is 502 again
r

rp

07/05/2022, 2:06 PM
oh. So why does the log say 200
c

codingtomato

07/05/2022, 2:07 PM
same thing in the browser
r

rp

07/05/2022, 2:07 PM
does the log say 200?
c

codingtomato

07/05/2022, 2:07 PM
yes
r

rp

07/05/2022, 2:08 PM
so strange
oh i know
are you using nginx?
c

codingtomato

07/05/2022, 2:08 PM
yes
r

rp

07/05/2022, 2:08 PM
it may be rejecting the response cause the cookie size is too long
you might need to change the nginx setting to allow for a longer cookie size
c

codingtomato

07/05/2022, 2:08 PM
okay i will check that
r

rp

07/05/2022, 2:09 PM
👍
c

codingtomato

07/05/2022, 2:19 PM
There i found the error log
r

rp

07/05/2022, 2:19 PM
yup!
so this is it
if you change the nginx config to allow a larger buffer, it will work
c

codingtomato

07/05/2022, 2:20 PM
large_client_header_buffers 4 64k;
Like that?
r

rp

07/05/2022, 2:20 PM
i think so
try it and see
c

codingtomato

07/05/2022, 2:27 PM
Thank you so much!!
It apparently works now
Copy code
location / {
    proxy_buffer_size          128k;
    proxy_buffers              4 256k;
    proxy_busy_buffers_size    256k;
......
}
This did it
Do you have a donation link or something like that?
r

rp

07/05/2022, 2:35 PM
haha well.. we don't have a donation link. Just tweet about us!
And tag @Supertokensio
c

codingtomato

07/05/2022, 2:35 PM
Will definetly do!!
But i doubt anyone will see that tweet
r

rp

07/05/2022, 2:38 PM
well, our followers will.. if you tag us
Powered by