CORS on gotrue-js login when working with Netlify Dev

Niklison · January 29, 2021, 10:52pm

netlify site name: lyvetool.netlify.app

I am using gotrue-js to login a user, while running netlify locally with netlify dev

I have tried this configurations, none of them work:

  auth = new GoTrue({
      APIUrl: 'https://lyvetool.netlify.app/.netlify/identity',
      audience: '',
      setCookie: false,
  });

fails with CORS.

and

  auth = new GoTrue({
      APIUrl: 'http://localhost:8888/.netlify/identity',
      audience: '',
      setCookie: false,
  });

fails with 404.

Is there a way of testing netlify’s identity locally with netlify dev?

Niklison · July 31, 2020, 10:25am

The best solution I found until now is running chrome with:

google-chrome --disable-web-security --user-data-dir=.test-google-chrome/

Dennis · August 6, 2020, 1:33pm

Hi @Niklison, welcome to the community!

Yea, typically, I would say there wouldn’t be an easy way to test Identity locally but your workaround/solution will work. You’d just want to make sure not to use that instance of Chrome to browser anywhere except your localhost due to the lower security.

Let me know how that goes!

jjalonso · January 1, 2021, 12:56pm

Hi guys, im new to netlify, and i had same issue, netlify identity throw cors errors when using netlify dev or in preview deployments but not in prod, I was reading few post similar and people said that it should work when using netlify dev but it doesnt for me, and in this post @Dennis im understanding that identity cors will never work locally even using netlify dev am I right?

jjalonso · January 1, 2021, 12:58pm

for example:

How this guy got it working if you just said will not be possible?

jen · January 8, 2021, 11:06pm

Hey @jjalonso,
I believe Niklison got it working by disabling the CORS check in Chrome, as described here:

This is not secure for regular browsing, so what Dennis is saying above is to be sure to only use the Chrome instance where you disable the CORS check for local browsing and testing your app.

jonsully · January 9, 2021, 3:34am

FWIW @jjalonso, I believe if you’re developing on port 8888 (default for Netlify dev), you should also not get CORS errors from GoTrue

–
Jon

jjalonso · January 9, 2021, 5:43am

On port 8888 I’m getting cors error from hottie yep.

Dennis · January 22, 2021, 6:19pm

Hey @jjalonso, not super familiar with the hot reload module you are using (hottie). Have you tried using something other than that. Have you tried using something like parcel or create-react-app that both have hot reload functionality built in?

jjalonso · January 22, 2021, 10:14pm

what hottie? im using cra.

jonsully · January 23, 2021, 1:44am

In your prior reply you said:

So I too am not sure what you mean/meant there

–
Jon

jjalonso · January 23, 2021, 2:25am

My apologies guys, I think the hottie thing was some typo or thing of the spell corrector and not sure what i meant to say, actually i didnt even know that hottie is some sort or tool or similar lool

Im using cra.

perry · January 28, 2021, 11:19pm

@jjalonso , can you explain again in a different way what the problem is and what you have already tried? i think we are all feeling a bit lost! thanks.

jjalonso · January 29, 2021, 10:17pm

I solved it using a chrome extension, since it only happen in development and not in production it could work for me but is just because i have a ‘disable cors’ extension on my chrome browser.

The question is, should CORS error be thrown when using gotrue library from cli ‘netlify dev’ ?

jonsully · January 29, 2021, 10:41pm

The definite answer here is no, it shouldn’t. Although I can’t speak to the specifics of why yours does, that shouldn’t occur.