带有Auth0的Localhost和CORS不允许我登录 [英] Localhost and CORS with Auth0 not allowing me to login
问题描述
我正在制作一个React应用,并尝试使用Auth0进行身份验证.尝试登录后,它返回以下内容:
I'm making a React app and trying to use Auth0 to authenticate. After trying to log in, it returns this:
XMLHttpRequest无法加载 https://my-domain.auth0.com/usernamepassword/login .对预检请求的响应未通过访问控制检查:响应中的"Access-Control-Allow-Credentials"标头的值为",当请求的凭据模式为"include"时,该值必须为"true".因此,不允许访问来源' http://localhost:3000 .XMLHttpRequest发起的请求的凭据模式由withCredentials属性控制.
XMLHttpRequest cannot load https://my-domain.auth0.com/usernamepassword/login. Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. Origin 'http://localhost:3000' is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
我认为这可能与此有关: Auth0和React的CORS问题,但是我在Auth0设置的允许的来源(CORS)"位置中都有 http://localhost:3000,http://localhost:3000/login
(是的,我正在使用正确的客户端ID).
I thought it would be related to this: CORS problems with Auth0 and React but I have both http://localhost:3000, http://localhost:3000/login
in the 'Allowed Origins (CORS)' spot in Auth0's settings (and yes I'm using the correct client ID as well).
我尝试将 http://localhost:3000/,http://localhost:3000/login
放入允许的回调URL"(不确切知道该怎么做)中,但是没有也不行.
I tried putting http://localhost:3000/, http://localhost:3000/login
in the 'Allowed Callback URL's (don't know exactly what that does) but that didn't work either.
当我使用社交关系(Google)时,将 http://localhost:3000/login
放入允许的回调URL中后,我可以登录.
When I use the social connection (Google) it allowed me to login after putting http://localhost:3000/login
in the Allowed Callback URL's.
但是它仍然仅对新用户登录无效.
But it still won't work for just a new user logging in.
有帮助吗?
如果有所作为:
-
Auth0日志显示了社交登录名,但是如果我以其他方式连接,则根本没有任何日志
Auth0 Logs show for the social login but there are no logs at all for when I connect otherwise
我认为与此相关的是,每次加载页面时我也会得到此信息:
I think related to this is that I also get this every time I load the page:
获取SSO数据时出错.这可能仅表示网络存在问题.但是,如果在此警告之前记录了来源"错误,请添加" http://localhost:3000 "转到Auth0信息中心中的允许的起源(CORS)"列表:...(链接到我的破折号)
There was an error fetching the SSO data. This could simply mean that there was a problem with the network. But, if a "Origin" error has been logged before this warning, please add "http://localhost:3000" to the "Allowed Origins (CORS)" list in the Auth0 dashboard: ...(link to my dash)
我从gravatar网站上得到了404
I get a 404 from the gravatar website
我也遇到这些错误(可能不相关):
Also I get these errors (may not be related):
拒绝设置不安全的标头接受编码"
拒绝设置不安全的标头用户代理"
推荐答案
Auth0中的客户端出现了问题.我不知道这是什么,但是我构建了一个Angular4应用并在Auth0中连接到相同的客户端,并遇到了相同的错误.然后,我尝试删除Auth0中的客户端并制作一个新客户端,现在它可以工作了.我不知道是什么导致了错误,但是创建一个新客户端并连接到该客户端解决了该问题.
Something was wrong with the client in Auth0. I don't know what it was but I built an Angular4 app and connected to the same client in Auth0 and got the same errors. I then tried deleting the client in Auth0 and making a new one and now it works. I have no idea what was causing the error, but creating a new client and connecting to that one fixed the issue.
这篇关于带有Auth0的Localhost和CORS不允许我登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!