1 year ago

#30026

test-img

Allennick

I get a CORS error when an url is called from steamcommunity

I implemented the steam auth in my website with these two endpoints:

app.post("/auth/steam", (req, res, next) => validateFirebaseIdToken(req, res, next), redirectSteamAuth);

app.get("/auth/steam/authenticate", loginWithSteam);

const steam = new SteamAuth({
    realm: "http://localhost:5001/stormtestfordota/europe-west1", // Site name displayed to users on logon
    returnUrl: "http://localhost:5001/stormtestfordota/europe-west1/api/auth/steam/authenticate", // Your return route
    apiKey: apiKey // Steam API key
});

const redirectSteamAuth = async (req, res) => {
    loggedUser = req.user.username;

    const redirectUrl = await steam.getRedirectUrl();
    return res.json(redirectUrl);
}

const loginWithSteam = async (req, res) => {
    try {
        const user = await steam.authenticate(req);

        db.collection("users").doc(loggedUser).update({
            steamId: user.steamid
        })

        activeDota2(loggedUser, user.steamid);

        return res.redirect("https://storm.co.gg/dashboard/home");
    } catch (error) {
        console.error(error);
        return res.status(401).json(error)
    }
}

When the user clicks on the auth with steam he gets redirected on the steamcommunity.com/openid/login page that is OK because we want this to happen. But when they click the login button I receive this message:

Error: Not allowed by CORS
    at origin (/Users/nick/Documents/StormAlgorithmDota/functions/index.js:47:14)
    at /Users/nick/Documents/StormAlgorithmDota/functions/node_modules/cors/lib/index.js:219:13
    at optionsCallback (/Users/nick/Documents/StormAlgorithmDota/functions/node_modules/cors/lib/index.js:199:9)
    at corsMiddleware (/Users/nick/Documents/StormAlgorithmDota/functions/node_modules/cors/lib/index.js:204:7)
    at Layer.handle [as handle_request] (/Users/nick/Documents/StormAlgorithmDota/functions/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (/Users/nick/Documents/StormAlgorithmDota/functions/node_modules/express/lib/router/index.js:317:13)
    at /Users/nick/Documents/StormAlgorithmDota/functions/node_modules/express/lib/router/index.js:284:7
    at Function.process_params (/Users/nick/Documents/StormAlgorithmDota/functions/node_modules/express/lib/router/index.js:335:12)
    at next (/Users/nick/Documents/StormAlgorithmDota/functions/node_modules/express/lib/router/index.js:275:10)
    at cookieParser (/Users/nick/Documents/StormAlgorithmDota/functions/node_modules/cookie-parser/index.js:71:5)

This is strange because my whitelist is:

var whitelist = ['http://localhost:3000', 'https://storm.co.gg', 'https://steamcommunity.com']

So what's happening?

node.js

google-cloud-functions

cors

whitelist

steam-web-api

0 Answers

Your Answer

Accepted video resources

Posts

Questions

Blogs

Jobs