https://www.ory.sh/ logo
Join Slack
Powered by
Hi ory-team, Do you have any advice on how to get ...
# talk-kratos
b
Hi ory-team, Do you have any advice on how to get around this preflight cors issue? Environment: β€’ Ory cloud β€’ React + vite β€’ using the 
submitSelfServiceLoginFlow
after 
initializeSelfServiceLoginFlowForBrowsers
(the GET requests works though), altered from the self-service ui repository
d
Hello. What’s your setup? What do you use as ingress controller(e.g Nginx, Envoy, traefik)
Ah. Sorry. I read the error
b
Hi @User Can I provide you with any additional information that could help to pinpoint the error? We are currently only testing locally (localhost:3000). Using the ory proxy doesn't make a difference. Also switching browsers didn't change anything (Chrome <-> Firefox). We use CORS Unblock to test locally. Appreciate any help πŸ™‚
d
b
I tried adding 
<http://localhost>
, 
<http://localhost:3000>
, 
<http://127.0.0.1>
, 
<http://127.0.0.1:3000>
to the allowed redirect urls in ory cloud but they don't seem to have any effect.... Do I have to use a 
kratos.yml
when I use ory cloud? I thought that was only needed when you develop with ory running in a docker container locally...
Ok I actually figured that one out myself after reading this resource. The trick was to only configure the request on the initializing of the self service login flow with the 
withCredentials: true
axios option set to true instead of having it on the base configuration. Now fighting again with the 
403
that the 
csrf_tokens
don't match. Any tipps for that?
It seems like the 
set-cookie
with the 
csrf_token
is not set on localhost, since we do not have secure connection there. Any ideas on how we could get around that, to make it work on local (chrome)?
i
Hi, after you initialise the login flow can you see any πŸͺs being set at all? And do you pass in the 
csrf_token
that you get back from the ui nodes into the 
submitSelfServiceLoginFlow
?
p
Hi @User Are you running your local setup through the Ory Proxy? e.g. your app is on localhost:3000 while the Ory proxy is on localhost:4000, so chrome should be on localhost:4000 and the requests should go through localhost:4000/.ory
Also make sure your browser, proxy and app must be on the same host e.g. localhost and not mixed between localhost and 127.0.0.1
b
@User Hi Alano, sorry for not replying I was out of office due to a covid infection πŸ˜… I do run the local setup through the ory proxy, but my login url is localhost:4000/auth/login. Can I not use a custom route in the frontend? I get a 
csrf_token
as a UINode and send it in the post request but the cookie is not set. When trying to use the 
withCredentials
flag for the post request it fails with a CORS error. Without them obviously the CSRF Token to validate against is missing...
p
Hi @User You can have custom routes on your frontend app. The proxy only reserves the 
/.ory
path. When calling an Ory API for example you would have to point your frontend application to the proxy url + 
/.ory
+ ory api (
/api/kratos/public/self-service/...
)
b
@User Awesome, following the thread worked! Do you plan to add a react example in the future or should we/I add a pr for that?
p
We do plan on adding that, but it would be awesome if you want to open a PR for that!
b
I will do a stripped down version of our current implementation to meet the test requirements. I hope I find some time for that in the next days. Thank you ❀️
❀️ 1
p
@User could you take a look at improving the docs here - we have lots of questions regarding the proxy and getting cors errors etc. Also @User would like to contribute to the docs with an example πŸ™‚
m
Hello @User Would love to take a look at your react example. I am tinkering on one myself, but I am not sure if I got the protected route right πŸ™ˆ So feel free to tag me in a PR or DM me πŸ™ @User That is a good point. I have some issues open for CORS. You already have some idea where this would fit best? Ory Proxy Guide, concepts/cors or maybe a Troubleshooting guide πŸ€” probably all of those... Would you be willing to open an issue for me so I can track it - then you can also include what is most important from your POV πŸ™ gratitude merci
b
Bear in mind that this is a work in progress PR and not yet finished. https://github.com/ory/docs/pull/691
2 Views
Open in Slack
PreviousNext
Powered by