Weird issue with CORS policy?

spizzy · May 31, 2022, 5:59pm

Hey, so I built a simple authentication system with Phoenix.

I make a Post request to my /signup and /login route. The signup route works fine and all the user data (email, pw, username) is saved in the database.
But when trying to sign up (with correct data) I get “Access to fetch at ‘http://localhost:4000/login’ has been blocked by CORS policy”. My frontend is Port 3000, my phoenix backend is Port 4000. I already added cors to my router, tho here is my router.

defmodule TestWeb.Router do
  use TestWeb, :router

  pipeline :api do
    plug TestWeb.Plugs.RateLimiter
    plug CORSPlug, origin: "*"
    plug :accepts, ["json"]
    plug TestWeb.Plugs.AuthPlug
  end

  scope "/", TestWeb do
    pipe_through :api

    post "/login", UserController, :login
    post "/signup", UserController, :signup
    get "/test", UserController, :test

    # CORS
    options "/login", UserController, :login
    options "/signup", UserController, :signup
    options "/test", UserController, :test
  end
end

If needed, here is how the whole thing works WianFjr8O8 | SourceBin

derek-zhou · May 31, 2022, 6:38pm

May not be phoenix, the problem could be in your browser. Some browser blocks local CORS for no apparent reasons.

spizzy · May 31, 2022, 7:03pm

oh really, now way. but there is no issue with the router right?

derek-zhou · May 31, 2022, 7:10pm

Check the response headers, which can be seen from the browser debug tool, to make sure.

spizzy · May 31, 2022, 7:32pm

there is a lot of informations but policy is strict-origin-when-cross-origin

spizzy · May 31, 2022, 8:15pm

removed plug cors, this is how my router.ex looks like

defmodule TestWeb.Router do
  use TestWeb, :router

  pipeline :api do
    plug TestWeb.Plugs.RateLimiter
    plug :accepts, ["json"]
    plug TestWeb.Plugs.AuthPlug
  end

  scope "/", TestWeb do
    pipe_through :api

    post "/login", UserController, :login
    post "/signup", UserController, :signup
    get "/test", UserController, :test

    # CORS stuff :(
    options "/login", UserController, :login
    options "/signup", UserController, :signup
    options "/test", UserController, :test
  end
end

My endpoint.ex looks like this

plug Corsica, origins: "*"

but what else do I have to add? because in the endpoint file I cant use pipeline as its a unknown function