I am making use of Fetch API to make a network request and get a response back which includes the session token details.
Below is the piece of code I am using in Apache Tomcat server.
<!doctype html>
<html lang="en">
<head>
<!-- Required meta tags -->
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- Bootstrap CSS -->
<link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-+0n0xVW2eSR5OomGNYDnhzAbDsOXxcvSN1TPprVMTNDbiYZCxYbOOl7+AMvyTG2x" crossorigin="anonymous">
<title>My App</title>
<link href="login.css" rel="stylesheet">
</head>
<body class="text-center">
<main class="form-signin">
<!-- <form onsubmit="return login()"> -->
<form>
<!-- <img class="mb-4" src="./logo.png" alt="" height="300"> -->
<h1 class="h3 mb-3 fw-normal"><b>My App</b> - Login</h1>
<div class="form-floating">
<input type="text" class="form-control" id="username" placeholder="[email protected]">
<label for="floatingInput">Email address</label>
</div>
<div class="form-floating">
<input type="password" class="form-control" id="password" placeholder="Password">
<label for="floatingPassword">Password</label>
</div>
<button class="w-100 btn btn-lg btn-primary mt-3" type="submit" onClick=clickLogin()>Login</button>
<div id="myData"></div>
</form>
</main>
<!--<script src="login.js"></script> -->
<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/sweetalert2.all.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js" integrity="sha384-gtEjrD/SeCtmISkJkNUaaKMoLD0//ElJ19smozuHV6z3Iehds+3Ulb9Bn9Plx0x4" crossorigin="anonymous"></script>
<script>
async function clickLogin() {
console.log("Inside click Login");
//e.preventDefault();
const response = await fetch ('https://example.com/authenticate',
{
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Username': '[email protected]',
'Password': 'Ch4ng3it!'
},
})
/*.then(response => response.json())
.then(json => console.log(json))
.catch(err => console.log('Request Failed', err))*/
console.log("Reached before ok");
if (!response.ok) {
throw new Error(`Error! status: ${response.status}`);
}
const result = await response.json();
console.log(result);
document.getElementById(myData).innerHTML = result;
}
</script>
</body>
</html>
The above image shows the network trace. The call to authenticate endpoint is cancelled everytime.
I am not sure what I am doing wrong here. Also, I added the URL app.example.com in CORS for resource server API.