I have been trying to solve this issue for the past 5 days and have searched everywhere on the internet; every solution I tried ends in the same error: CORS origin.
My API is on api.mydomain.edu.af and the SPA is on spa.mydomain.edu.af. I have shared all the necessary information required to answer this question.
I can get the XSRF-Token through the sanctum/csrf-cookie endpoint; after that, when login is called, it gives the CORS error.
The login endpoint is on api.mydomain.edu.af/api/login, which is defined in api.php.
My login request from ReactJS is made through axios; the details of the axios request follow.
I have set up .env with Sanctum stateful domain = mydomain.edu.af and session domain = .mydomain.edu.af.
The CORS file is also configured correctly.
Any answer will help me in this regard.
Kernel.php
    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            // \Illuminate\Session\Middleware\AuthenticateSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
        'api' => [
            \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
            'throttle:api',
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
    ];
cors.php
    'paths' => ['api/*', 'sanctum/csrf-cookie'],
    'allowed_methods' => ['*'],
    'allowed_origins' => ['*'],
    'allowed_origins_patterns' => [],
    'allowed_headers' => ['*'],
    'exposed_headers' => [],
    'max_age' => 0,
    'supports_credentials' => true,
sanctum.php
    'stateful' => explode(',', env(
        'SANCTUM_STATEFUL_DOMAINS',
        'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1,'.parse_url(env('APP_URL'), PHP_URL_HOST)
    )),
And I have both of these in the .env file:

    SANCTUM_STATEFUL_DOMAINS=mydomain.edu.af
    SESSION_DOMAIN=.mydomain.edu.af

And this is my ReactJS request. Before this I have sent the CSRF cookie request, and I can get them in the application.
    axios.defaults.withCredentials = true;
    await axios
      .post(global.config.main.Api_Url + "/api/login", postData, {
        headers: { Accept: "application/json" },
      })
      .then((response) => {
        if (response.status === 200) {
          signIn({
            token: response.data["token"],
            expiresIn: 3600,
            tokenType: "Bearer",
            authState: { firstname: response.data["firstname"] },
          });
        } else {
          setError("Something Went Wrong!");
        }
      });
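
The browser-side rules that a credentialed cross-origin call like the axios request above has to satisfy, written out as an added example that is not part of the original post. The function name, the `https` scheme, the assumed preflight headers and both header sets are constructed for illustration and are not captured from this server.

```javascript
// Added example: the checks a browser applies to CORS response headers when
// the request carries credentials (axios withCredentials = true).
// All header sets below are constructed samples, not captured traffic.
const lowerKeys = (h) =>
  Object.fromEntries(Object.entries(h).map(([k, v]) => [k.toLowerCase(), String(v).trim()]));
const tokens = (v) => (v || "").split(",").map((t) => t.trim().toLowerCase()).filter(Boolean);

// Returns the reasons the browser would block the call; an empty list means it passes.
// `preflight` lists the method and non-safelisted headers announced in the OPTIONS request.
function checkCredentialedCors(origin, responseHeaders, preflight = null) {
  const h = lowerKeys(responseHeaders);
  const problems = [];
  const acao = h["access-control-allow-origin"];
  if (!acao) problems.push("missing Access-Control-Allow-Origin");
  else if (acao === "*") problems.push("Access-Control-Allow-Origin is * on a credentialed request");
  else if (acao !== origin) problems.push(`Access-Control-Allow-Origin ${acao} does not match ${origin}`);
  if (h["access-control-allow-credentials"] !== "true")
    problems.push("Access-Control-Allow-Credentials is not true");
  if (preflight) {
    // With credentials, "*" in these two headers is a literal value, not a wildcard.
    const method = preflight.method.toLowerCase();
    const safelisted = ["get", "head", "post"].includes(method);
    if (!safelisted && !tokens(h["access-control-allow-methods"]).includes(method))
      problems.push(`method ${preflight.method} not allowed`);
    const allowed = tokens(h["access-control-allow-headers"]);
    for (const name of preflight.headers.map((n) => n.toLowerCase()))
      if (!allowed.includes(name)) problems.push(`request header ${name} not allowed`);
  }
  return problems;
}

const ORIGIN = "https://spa.mydomain.edu.af"; // https scheme is an assumption
// Assumed preflight for a JSON POST that also sends the XSRF header.
const PREFLIGHT = { method: "POST", headers: ["Content-Type", "X-XSRF-TOKEN"] };
const WILDCARD = {
  "Access-Control-Allow-Origin": "*",
  "Access-Control-Allow-Credentials": "true",
  "Access-Control-Allow-Headers": "*",
};
const REFLECTED = {
  "Access-Control-Allow-Origin": ORIGIN,
  "Access-Control-Allow-Credentials": "true",
  "Access-Control-Allow-Headers": "content-type, x-xsrf-token",
  Vary: "Origin",
};
console.log(checkCredentialedCors(ORIGIN, WILDCARD, PREFLIGHT)); // three problems
console.log(checkCredentialedCors(ORIGIN, REFLECTED, PREFLIGHT)); // []
```

To use it on a real case, paste the response headers of the failing OPTIONS and POST requests from the browser's network tab in place of the constructed samples.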