b
Hi I am trying out ORY and specially ORY-KRATOS for learning and then later applying it in my project at work,
I have a setup where
my react app is on localhost:3000
my node JS app is on localhost:4000
and I am using ORY CLOUD for now.
I am trying to create a registration and login flow at a basic level to see and understand the flow.
What I am trying is sending requests from react frontend towards node JS (for example localhost:5000/api/user/signup) and then at node JS when I receive this request as a GET method I call the api for initiating the browser flow (https://www.ory.sh/docs/reference/api#operation/initializeSelfServiceRegistrationFlowForBrowsers). I get the response which I communicate back to my react frontend. Now from here when I get the flow ID back at the frontend I send post request to same signup route on my nodejs app with traits.email, password, method and csrf_token and in my nodejs app this I call the api for registration submission (https://www.ory.sh/docs/reference/api#operation/submitSelfServiceRegistrationFlow) but I get a “security_csrf_violation” response. I read about this and I need to set the cookie but I dont have any cookie on my react app or I haven’t set it up (confused here). I am using cookie session on my nodejs app but I need to understand how to correct my flow here, do I need to set a cookie on nodejs after the first api call (initiate browser api) or something else?.
Another question is that what I am trying that I described above, is it correct way to implement and learn about ory kratos and ory or I should do something else?? If it is correct any help on how can i correct my flow will be really helpful.
How can I set the cookie on the frontend after the first api call (initiating browser flow) which is being done in Node JS if that is required.
Thanks for any input in advance.