I am coding an Electron Desktop app with JS and I need to call the login lock from a file.
I have no problem signing in with Social Logins but when I try to log in with Username-Password authentication I get a 403 from /co/authenticate saying file:// origin is not allowed.
I am also having trouble getting beyond the issue described above. Social logins work fine in my electron app, but username-password-authentication fails with a 403 and “Origin file:// is not allowed.”
I already have file://* in my list of allowed origins. My lock options are
{
auth: {
redirect: false,
sso: false
}
}
Has anyone been able to get around this problem? Any help would be appreciated.
As a (hopefully temporary) workaround, I enabled password grants in the API and am overriding the popup functionality for username/password submission by making a manual request to the API to retrieve an access token. It’s not pretty, but it works. The code below was written against auth0-lock version 11.7.2.
Social logins are still handled by the lock since I’m not having any issue there.