https://supertokens.com/ logo
Title
c

cristoforo

02/24/2023, 3:51 PM
Hello. I'm having trouble with the Session (Only) Recipe. I am able to create a boilerplate project just fine, but once I start introducing routes to my express server, I'm getting CORS errors. My config looks good (
websiteDomain
and
apiDomain
looks fine on both front-end and backend). I am trying to do a GET request from a basic, unprotected route before making a second API call to create Session on the backend. The first GET request to
http://localhost:4000/authenticate/...
fails so the second request that begins the SuperToken logic on the backend never gets called. Can anyone offer any insight here?
r

rp

02/24/2023, 6:41 PM
hey @cristoforo do you use graphql or anything else that could be overwriting the cors middleware setting?
c

cristoforo

02/24/2023, 6:42 PM
No graphql. I don’t think anything else is overwriting. Is it ok to hit server with standard api calls unrelated to super token? I would assume yes.
r

rp

02/24/2023, 6:42 PM
it is
im not sure why the cors middleware's setting aren't being applied and * is being set for allowed origin even though you have set it to localhost:3000
c

cristoforo

02/24/2023, 6:45 PM
I am serving this from AWS API Gateway:
Could that be causing an issue?
r

rp

02/24/2023, 6:45 PM
Oh yea. For sure. You need to set the right cors in aws gateway as well
c

cristoforo

02/24/2023, 6:48 PM
hm. I am serving the app there on line 39 and it should be using the cors middleware with options I sent you in my previous screenshot.
r

rp

02/24/2023, 6:49 PM
Right. But the api gateway is probably overwriting the cors headers
c

cristoforo

02/24/2023, 6:49 PM
ok i will look into this.
thank you.
So if I follow these docs here, it should work? https://supertokens.com/docs/thirdparty/serverless/with-aws-lambda/about
r

rp

02/27/2023, 5:35 PM
it should - yea