Payload Cloud Next.js: 403 error… cors? | Payload | Page 1

spiral flume Apr 28, 2023, 2:13 PM

#

When you say vs-code is complaining, what do you mean? Like a type error? or an error in a console?

I don't see any type errors when I pull down a fresh copy of that repo

finite knoll Apr 28, 2023, 2:22 PM

#

Yes, type errors in vs code and 500 error in the browser console. I also did not see errors in the fresh pull of the auth example. Not sure why I'm getting them with such a bone simple start.

finite knoll Apr 28, 2023, 3:00 PM

#

finite knoll Apr 28, 2023, 8:09 PM

#

Payload Cloud Next.js: 403 error… cors?

#

Accidentally deleted the original message, oops! I believe the cors setting is not allowing Next.js to query the REST API. After dealing with the earlier issue (which was as simple as adding required: true to the slug in the post collection) I am now getting a 403 "You are not allowed to perform this action." response when calling a test function like this:

async function test() {
const getAllPosts: { docs: Post[] } = await fetch(
``${process.env.NEXT_PUBLIC_CMS_URL}/api/posts?limit=100``,
).then((res) => res.json());
console.log(getAllPosts);
}
test();

spiral flume Apr 28, 2023, 8:22 PM

#

ok. Are you logged in? Is this public content? If it is meant to be public, you will need to adjust the read access on that collection

finite knoll Apr 28, 2023, 8:22 PM

#

This is in the config:
cors: [process.env.PAYLOAD_PUBLIC_CMS_URL, process.env.PAYLOAD_PUBLIC_SITE_URL].filter(Boolean),

Both env vars output correctly, in this case: http://localhost:3000 and http://localhost:8000

spiral flume Apr 28, 2023, 8:22 PM

#

read: () => true

finite knoll Apr 28, 2023, 8:23 PM

#

Aha! This will be public content, yes.

#Payload Cloud Next.js: 403 error… cors?