Fix CORS Issue with Laravel Passport

[rogervila]

Hello,

When using Laravel Passport on Jetstream powered with Inertia, I get a CORS issue because the callback URL is handled by Inertia with an AJAX Request.

In order to solve it, I have modified my HandleInertiaRequests middleware to detect external locations and force redirections without AJAX.

[claudiodekker]

Hi @rogervila,

This looks like an issue with the CORS headers not being present on the back-end routes. Because this is more of a Laravel specific issue that can be solved using it's CORS middleware & config and not something that's specific to Inertia, I'll be closing this PR.

More info:

• https://laravel.com/docs/8.x/routing#cors
• https://laravel.com/docs/8.x/sanctum#cors-and-cookies

[rogervila]

Hi @claudiodekker is ok to close it then, I will review CORS headers.

[abbluiz]

@rogervila Have you figured out the CORS settings for this to work?

[rogervila]

@abbluiz not yet.

I have tested with 2 Laravel projects created from scratch without modifications:

When Passport is installed on a plain Laravel project with blade views, it works.

The same process with a Laravel project with Jetstream and Inertia fails because the login form submission triggers an AJAX request to the client site instead of making a full redirection.

This is why I implemented this change, to make sure that outgoing redirections trigger a full reload.

[abbluiz]

@rogervila I have managed to fix the CORS problem with Passport, but the issue with cors was really with the OAuth 2.0 client (which was a Next.js application in my case), nothing related with Inertia/Laravel.

But, I still had to make similar modifications to make proper redirects. Check this issue #303 when you get a chance.