https://www.ory.sh/ logo
Join Slack
Powered by
Hello everyone :wave: I am trying to implement th...
# talk-kratos
h
Hello everyone đź‘‹ I am trying to implement the FE bits (next.js) for Kratos login flow. I have cloned and run this repo and it works with the next.js proxy (
api/.ory
pages) and our kratos instance. Everything is set up correctly: ssl, CORS. However, we do not want to use next.js or any other proxy. When I try to use ory client without proxy, the session initiation works (
/self-service/login/browser
), but actual login/signup doesn’t (
self-service/login?flow={id}
), giving an 403 error 
security_csrf_violation
about csrf_token. I would appreciate some help 🥲
h
Hey there! Are you using self-hosted ory kratos, or ory cloud?
h
ory cloud
h
Ok thank you! Are you trying to integrate the session checking in your NextJS app, or are you trying to create your own ui screens?
h
we want our custom ui screens, so it’s AJAX flow
h
Ok got it, give me a minute 🙂
🙏 1
h
my understanding is that I can not use ory client SDK without a proxy, cause it simply doesn’t pick up the needed cookies. so I am not sure what is the best approach there — construct a ajax call myself and pass the cookies?
h
We’re currently working on documentation for this. One of the documentation previews is this one: • https://docs-owu2tid4z-ory.vercel.app/docs/guides/protect-page-login/spa It’s very generic but it helps explain the concepts of setting it up. There are also two new documents here: • https://www.ory.sh/docs/security-model • https://www.ory.sh/docs/guides/local-development It would be great to hear if those are helpful to you. Regarding the app ( https://github.com/ory/kratos-selfservice-ui-react-nextjs ). Have you tried:
Copy code
git clone <https://github.com/ory/kratos-selfservice-ui-react-nextjs.git>
cd kratos-selfservice-ui-react-nextjs
npm i
export ORY_SDK_URL=<https://yourproject.projects.oryapis.com>
npm run dev
That will setup the app correctly.
🙌 1
h
thank you! will give it a read now 🙌 I think I tried setting up this env var with our kratos URL, will give it a try again, just to be sure.
ok, so 
export ORY_SDK_URL=
is just rewriting the 
basePath
, so it’s not what I am looking for. I will try the SPA approach. thank you for the quick answer!
h
Hm but the example works in e2e tests using this method. Are you sure there’s no mix up?
If I do this on my machine, the UI is using my project through AJAX. Isn’t that what you need?
h
I set up the var and run the app again 🤔 lemme try cloning again
h
What did you expect to happen and what didn’t work when you did it?
h
so it is running through next.js API 
/api/.ory/[…paths].ts
and I don’t want that. I want to talk to kratos directly from my component bypassing the next.js middleware part
h
That only works if you set up a Custom Domain (in prod) or you use the Ory Tunnel or the Ory Proxy (on local). You can’t get around it
h
we have set up out custom domain, I am not using the ory cloud link, I am calling our custom URL
h
Ah, I see! In that case make sure you have enabled CORS on your custom domain https://www.ory.sh/docs/guides/custom-domains#cors And make sure the SDK has “credentials: inlcude”:
Copy code
const ory = new V0alpha2Api(new Configuration({
  basePath,
  baseOptions: {
    // Ensures we send cookies in the CORS requests.
    withCredentials: true
  }
}))
h
that’s the deal — 
withCredentials: true
, helped!
thank you 🙌
h
oh, awesome! let me add that to the docs in the security model
h
yep, that will really help 🙂
h
Awesome, glad you got it working 🙂 Out of curiosity, may I ask what you’re working on? 🙂
h
we are implementing a new auth system based on ory, nothing fancy. I am not sure yet if I am going to implemented in our SPA (react) or next.js environment
h
cool, thank you 🙂
7 Views
Open in Slack
PreviousNext
Powered by