I'm developing a React application that uses Firebase Authentication for Google sign-in. After successful sign-in, I retrieve the Firebase ID token and send it to my Node.js/Express server for verification.
When I attempt to sign in using Google, I encounter the following errors in my browser's console:
Access to XMLHttpRequest at 'http://localhost:3005/api/verify-token' from origin '' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
SignUp.jsx:39 Error during sign-in: AxiosError {message: 'Network Error', name: 'AxiosError', code: 'ERR_NETWORK', config: {…}, request: XMLHttpRequest, …}
POST http://localhost:3005/api/verify-token net::ERR_FAILED
My React application is running through ngrok at , and my Express server is running on http://localhost:3005.
My React application is running through ngrok at , and my Express server is running on http://localhost:3005.
What I've Tried:
I've added the cors middleware to my Express server, specifying the ngrok URL as the allowed origin.
I've verified that the Firebase Admin SDK is correctly initialized on the server.
I've made sure that the Authorization header is being sent from the react app.
I've verified the token verification logic on the server side. My Question:
Why am I still getting the CORS error and the network error? Is there something wrong with my CORS configuration, or is there another issue that I'm overlooking? How do I properly configure my Express server to allow cross-origin requests from my ngrok URL?
Any help would be greatly appreciated.