Closed 0xadamm closed 1 week ago
I'm getting an error when running this in the browser because my base url is not the same as the api
when I deploy on the vercel I can't use this because it is an external file
const signIn = (email, password) => {
// log user in beginning
console.log("User Login in progress....");
fetch(`${signInUrl}`, {
method: "POST",
headers: {
"Content-Type": "application/json",
Accept: "application/json",
},
body: JSON.stringify({ email, password }),
}).then((res) => {
if (res.status === 200) {
console.log("User Login successful");
} else {
console.log("User Login failed");
res.json().then((errorData) => {
console.log("Error Message: ", errorData);
});
}
});
};
const signIn = async (email, password) => {
// log user in beginning
console.log("User Login in progress....");
try {
const response = await fetch(`${signInUrl}`, {
method: "POST",
headers: {
"Content-Type": "application/json",
Accept: "application/json",
},
body: JSON.stringify({ email, password }),
});
if (response.status === 200) {
// log user in successful
console.log("User Login successful");
} else {
// handle non-200 status codes
console.error(`Login failed with status: ${response.status}`);
const errorData = await response.json();
console.error("Error message:", errorData.message);
}
} catch (error) {
// handle network or other errors
console.error("Network or server error:", error);
}
};
Ideally, the solution is to configure the server to include the appropriate CORS headers.
This allows the browser to handle the request correctly without needing to disable CORS.
To resolve CORS issues, the server needs to include the appropriate headers in its response to indicate that it allows requests from different origins. The appropriate CORS headers could include:
The server-side API needs to be configured to expose the necessary headers to the client. Specifically, you need to use the Access-Control-Expose-Headers header to expose the Set-Cookie headers so they can be accessed by the client-side JavaScript.
Only the CORS-safelisted response headers are exposed by default.
For the client side to be able to access other headers, the server must list them using Access-Control-Expose-Headers
.
Unable to properly test the sign-in functionality from the dev environment due to a CORS issue
We are experiencing a Cross-Origin Resource Sharing (CORS) issue with our external script hosted at https://tronix-homepage-html.vercel.app/public/js/auth.js.
This script is making API calls that are being blocked by CORS policies, preventing it from functioning correctly.