error while add a cors to my next.js api

Answered

American black bear posted this in #help-forum

American black bearOP

2024-09-20T14:07:33.376Z

import { NextRequest, NextResponse } from 'next/server';
import { getServerSession } from 'next-auth/next';
import DiscordOauth2 from 'discord-oauth2';
import { authOptions } from '@/lib/auth';
const oauth = new DiscordOauth2();
import { api } from '@/lib/discordClient';
import cors, { runMiddleware } from '@/lib/cors';

export async function GET(req: NextRequest,res: NextResponse) {
  await runMiddleware(req, res, cors);
 
  try {
    const session = await getServerSession(authOptions as any) as any;

    if (!session || !session.accessToken) {
      return NextResponse.json({ message: 'No session or access token found' }, { status: 401 });
    }

    const allGuilds = await oauth.getUserGuilds(session.accessToken);

    const guilds = await Promise.all(
      allGuilds
      .filter(g => Number(g.permissions) & 8)
        .map(async (guild) => {
          const isJoined = await checkGuildMembership(guild.id, session.accessToken);
          return {
            ...guild,
            isJoined,
          };
        })
    );

    return NextResponse.json({ guilds });
  } catch (error: any) {
    return NextResponse.json({ message: 'Failed to fetch guilds', error: error.message }, { status: 500 });
  }
}

async function checkGuildMembership(guildId: string, accessToken: string): Promise<boolean> {
  try {
    const guild = await api.guilds.get(guildId) as any;

    if (!guild || guild.code === 10004) { 
      console.warn(`Guild not found or bot is not in the guild (guildId: ${guildId})`);
      return false;
    }

    return !!guild.id;
  } catch (error: any) {
    if (error.rawError?.code === 10004) {
      console.error(`Unknown Guild: ${guildId}`);
    } else {
      console.error(`Failed to check guild membership for guildId ${guildId}:`, error);
    }
    return false; 
  }
}

Answered by gin

this is because the origin is only sent when u make a request from clientside to a different host

View full answer

41 Replies

American black bearOP

2024-09-20T14:07:51.928Z

import Cors from 'cors';

const cors = Cors({
  methods: ['GET', 'HEAD', 'POST'],  
  origin: '*', 
  allowedHeaders: ['Content-Type', 'Authorization'], 
});

function runMiddleware(req:any, res:any, fn:any) {
  return new Promise((resolve, reject) => {
    fn(req, res, (result: any) => {
      if (result instanceof Error) {
        return reject(result);
      }
      return resolve(result);
    });
  });
}

export default cors;
export { runMiddleware };

⨯ TypeError: res.setHeader is not a function

is there way better ?

@American black bear is there way better ?

gin

2024-09-20T14:10:36.768Z

https://nextjs.org/docs/app/building-your-application/routing/route-handlers#cors

or use middleware

https://nextjs.org/docs/app/building-your-application/routing/middleware#cors

American black bearOP

2024-09-20T14:11:31.310Z

what is better

middleware will works

with all api routes

request.headers.get('origin') its retrun to null

i don't know why

Double-striped Thick-knee

2024-09-20T14:12:19.173Z

take a look ,

// next.config.js

/** @type {import('next').NextConfig} */
const nextConfig = {
    async headers() {
        return [
            {
                // matching all API routes
                source: "/api/:path*",
                headers: [
                    { key: "Access-Control-Allow-Credentials", value: "true" },
                    { key: "Access-Control-Allow-Origin", value: "*" }, // replace this your actual origin
                    { key: "Access-Control-Allow-Methods", value: "GET,DELETE,PATCH,POST,PUT" },
                    { key: "Access-Control-Allow-Headers", value: "X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version" },
                ]
            }
        ]
    }
}

module.exports = nextConfig