Getting CORS errors on Heroku deploy

[jlvandenhout]

Somehow, even though CORS headers seem to be set looking through the source code, I'm not seeing them added in the response and I'm getting a CORS error trying to authenticate GitHub users using a Heroku deployment:

Access to fetch at 'https://[APP].herokuapp.com/authenticate/[CLIENT_ID]' from origin 'http://[ORIGIN]' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

When I changed the code to use the cors package, the headers do seem te be added. I'm not sure what that package does differently from what you do here, but might be interesting to investigate?

[jlvandenhout]

So to come back to this, the CORS errors are caused by the Heroku app crashing for some reason. I deployed to Heroku using the button in the README and double checked my settings. When requesting the token from the Heroku app, it crashes with:

at=error code=H10 desc="App crashed" method=GET path="/authenticate/8017e66b224ec9949727" host=rocky-stream-75830.herokuapp.com request_id=572fdfe1-dfa6-4838-874d-b5768e222748 fwd="213.127.31.163" dyno= connect= service= status=503 bytes= protocol=https