I need to make a POST request with data to a URL, using TOTP (Time-based One-Time Password). I keep getting the following message from server.
========================================================
Access to XMLHttpRequest at URL from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://topic.name.com' that is not equal to the supplied origin.
========================================================
I am using otplib as library to help me generate TOTP.
- Setting for TOTP is 30 seconds interval (default)
- T0 is 0 (epoch)
- Digit is 10
- HMAC-SHA-512 algorithm
Header Requirement (specified by server):
- HTTP Basic Authentication, as specified in Chapter 2 of RFC2617
- Content-Type: 'application/json'
Below is my code so far.
import { totp } from 'otplib'
import base64 from 'base-64'
import axios from 'axios'
const request = () => {
const URL = 'https://api.topic.name.com/topic/003'
const info = {
"github_url": "https://github.com/myname/topic",
"contact_email": "[email protected]"
}
const secret = 'nameTopic'
const dataBody = JSON.stringify(info)
const sharedSecret = info.contact_email+secret
totp.options = { digits: 10, algorithm: "sha512", epoch: 0}
const newTOTP = totp.generate(sharedSecret);
const isValid = totp.check(newTOTP, sharedSecret);
console.log(newTOTP, isValid)
const userPass = info.contact_email + ":" + newTOTP;
const credential = base64.encode(userPass);
const config = {
headers: {
'Content-Type': 'application/json',
"Authorization": "Basic " + credential
}
};
axios.post(URL, dataBody, config).then((response) => {
console.log(response)
}, (err) => {
console.log(err)
})
}
export default request
I really don't understand why there's a CORS issue, could it be that my headers are wrong?
Any help is greatly appreciated, thank you for your time.