https://www.ory.sh/ logo
q

quiet-intern-84955

02/13/2022, 9:22 PM
I currently have Ory Kratos implemented in a Next.js app and a backend that is hosted elsewhere on a different domain. After registration I create a user in my backend’s database with the id provided by Kratos so that I can get user from the request’s context and use that for protecting my API.
Copy code
export const getUserFromContext = async ({ prisma, req }: Pick<Context, "prisma" | "req">) => {
  try {
    const { data: session } = await oryApiClient.toSession(undefined, req.headers.cookie);

    if (!session) {
      return null;
    }

    const user = await prisma.user.findUnique({ where: { id: session.identity.id }, include: { roles: true } });

    return user;
  } catch (error) {
    return null;
  }
};
Works completely fine locally, but since my backend is hosted on a different domain than my Next.js app I guess the cookies are undefined (correct me if I’m wrong) and it fails. Is there no way around this other than having the backend on the same domain or am I being stupid? 😄
s

stale-queen-97584

02/13/2022, 10:04 PM
I believe it's currently impossible to use different top level domains
d

damp-sunset-69236

02/14/2022, 5:34 AM
Hello. You can make it work by using one domain. Like
Copy code
<http://frontend.example.com|frontend.example.com>
<http://kratos.example.com|kratos.example.com>
<http://backend.example.com|backend.example.com>
In that case you can have everything work fine. You can check • Configuring CookiesAdvanced Base URL, CSRF &amp; Session Cookie Settings You can add CNAME records for the backend hosted elsewhere to make it work. As another option you can setup your ingress to proxy traffic from another domain. The example of different domains is below
Copy code
<http://frontend.example.com|frontend.example.com>
<http://backend.different-domain.com|backend.different-domain.com>
q

quiet-intern-84955

02/14/2022, 10:29 AM
Is there not a way to use the
Authorization
header instead of relying on the backend being on the same domain 🤔
I’m using Ory Cloud atm just fyi
4 Views