Note: Updates logs below
We have a NestJS application running in an EC2 instance on port 7001, which is sitting behind a Nginx reverse proxy on port 80 & 443. Our API URL is aliasing a Cloudfront endpoint, which enables and forces HTTPS and forwards all calls to our EC2 instance.
We’re currently experiencing an issue where our POST calls contain our Auth headers, but our GET calls do not…
Little script in main.ts to illustrate the issue:
app.use((req: any, res: any, next: any) => {
console.log('METHOD:', req.method);
console.log('AUTHORISATION:', req.get('Authorization'));
next()
})
PM2 Logs:
0|gateway | METHOD: POST
0|gateway | AUTHORISATION: Bearer eyJ...gLk
0|gateway | METHOD: GET
0|gateway | AUTHORISATION: undefined
0|gateway | METHOD: POST
0|gateway | AUTHORISATION: Bearer eyJ...gLk
Where would this issue originate from? Here are a few pics of our AWS setup:
CORS
CLOUDFRONT BEHAVIOUR
CLOUDFRONT ORIGIN
Nginx Setup sites-available
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name api.example.io example.io;
location / {
proxy_pass http://localhost:7001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection '';
proxy_set_header Host $host;
proxy_pass_header Authorization;
proxy_cache_bypass $http_upgrade;
}
}
Many thanks 🙂
UPDATES:
After digging around, a GET call directly to our EC2 instance went through, so that eliminates Nginx and any code problems… It must be coming from CloudFront…
Try adding the
hostandauthorizationheaders to the cloudfront origin