Cors error connecting spring boot backend to next js frontend

Question

I need help on cors config concerning spring boot security. Everything works normally on postman. When I examine the requests, on the network tab in the browser, I found out that for all the request that don't work, the header returned as response doesn't contain anything. Here is the exact error I am getting:

Access to XMLHttpRequest at 'http://localhost:8081/api/v1/auth/login' from origin 'http://localhost:3000/' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource

Here are my configs

@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfig {

    private final JwtAuthenticationFilter jwtAuthFilter;
    private final AuthenticationProvider authenticationProvider;

    @Bean
    SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
                .csrf(csrf -> csrf.disable())
                .authorizeHttpRequests(authorize ->
                        authorize
                                .requestMatchers("/api/v1/auth/register", "/api/v1/auth/login")
                                .permitAll()
                                .anyRequest()
                                .authenticated()
                )
                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                .authenticationProvider(authenticationProvider)
                .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);
        return http.build();
    }

    @Bean
    CorsConfigurationSource corsConfigurationSource(){
        CorsConfiguration configuration = new CorsConfiguration();
        configuration.setAllowedOrigins(Arrays.asList("http://localhost:3000", "http://localhost"));
        configuration.setAllowedMethods(Arrays.asList("GET","POST", "PUT", "DELETE"));
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", configuration);
        return source;
    }
}

And then in the main application

@SpringBootApplication
public class KeeperApplication {

    public static void main(String[] args) {
        SpringApplication.run(KeeperApplication.class, args);
    }

    @Bean
    public WebMvcConfigurer corsConfigurer() {
        return new WebMvcConfigurer() {
            @Override
            public void addCorsMappings(CorsRegistry registry) {
                registry
                        .addMapping("/**")
                        .allowedOrigins("*")
                        .allowedMethods("*")
                        .allowedHeaders("*")
                ;
            }
        };
    }
}

I lookup into their docs and that's where I found the config below the security filter chain one but that doesn't seem to work either

can you enable CORS in spring security and check. – Akhil Aug 22 '23 at 16:15 — Akhil, Aug 22 '23 at 16:15

nquincampoix · Answer 1 · 2023-08-27T07:13:21.453

0

This message is probably issued by the frontend. For development purposes, you should use the Rewrites feature of Next.js (see this answer).

next.config.js :

module.exports = {
  async rewrites() {
    return [
      {
        source: '/api/:path*',
        destination: 'http://localhost:8081/:path*' // Proxy to Backend
      }
    ]
  }
}

edited Aug 27 '23 at 07:13

answered Aug 27 '23 at 07:05

nquincampoix

508
1
4
17

Cors error connecting spring boot backend to next js frontend

1 Answers1