Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Question] CORS Error on all requests #25

Closed
jjjrmy opened this issue Jan 21, 2024 · 4 comments
Closed

[Question] CORS Error on all requests #25

jjjrmy opened this issue Jan 21, 2024 · 4 comments
Assignees
@jjjrmy
Labels
question Further information is requested

Comments

@jjjrmy
Copy link

jjjrmy commented Jan 21, 2024

I setup Laravel Sanctum exactly like the docs say. If I copy the requests out of network tab in Chrome and put them in Postman, then the requests work fine.

Access to fetch at 'https://laravel.test/api/user' from origin 'https://spa.laravel.test' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
@jjjrmy
Copy link
Author

jjjrmy commented Jan 21, 2024

I think maybe this is some sort of CORS error due to Laravel Valet's SSL certificate.

@manchenkoff manchenkoff mentioned this issue Jan 22, 2024
Closed
@manchenkoff manchenkoff added the question Further information is requested label Jan 22, 2024
@manchenkoff
Copy link
Owner

manchenkoff commented Jan 22, 2024
edited
Loading

Hey @jjjrmy!
I've quickly checked your website with credentials, but I do not see any CORS error.
https://nuxt.likewizard.com (johndoe@example.com, secret)

However, I noticed that the server returns an additional header X-Csrf-Token with some unexpected value. The response to the login request is a 302 redirect, which is not expected for the first attempt. API call from the Nuxt app succeeded in getting a CSRF token to pass it to the server. As far as I remember, 302 could be returned by server if it is not configured with proper middleware for API requests or CSRF token is invalid, both options might be your case.

Nuxt application sends a proper set of headers (xsrf token, origin, referrer) as well as content type, but it would be useful to check the backend configuration, especially the list of the following things:

  • session domain in .env file
  • allowed origins for sanctum
  • auth configuration
  • code of the authentication controller (action)

Based on these details, I assume that the backend part is misconfigured and we should focus on fixing it first. Also I would recommend setting up additional logs on the Laravel side to check what is going on when it receives a request from Nuxt.

@manchenkoff manchenkoff changed the title CORS Error on all requests [Question] CORS Error on all requests Jan 22, 2024
@jjjrmy
Copy link
Author

jjjrmy commented Jan 23, 2024

I'm going to close this issue because it entirely seems like an issue with my local environment and making requests to endpoints with Valet SSL certificates.

@jjjrmy jjjrmy closed this as completed Jan 23, 2024
@manchenkoff
Copy link
Owner

@jjjrmy no problem, feel free to re-open it in case of issues related to the package!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jjjrmy jjjrmy

Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jjjrmy @manchenkoff