DEV Community: Nicolás Danelón The latest articles on DEV Community by Nicolás Danelón (@nicolasdanelon). https://dev.to/nicolasdanelon https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F72659%2Ff6663f1b-596c-4917-bd30-4554fa214e19.jpeg DEV Community: Nicolás Danelón https://dev.to/nicolasdanelon en Court bans LinkedIn data protection violations Nicolás Danelón Mon, 30 Oct 2023 22:53:07 +0000 https://dev.to/nicolasdanelon/court-bans-linkedin-data-protection-violations-35bi https://dev.to/nicolasdanelon/court-bans-linkedin-data-protection-violations-35bi <p>The social network LinkedIn may no longer announce on its website that it does not respond to “do-emergency track” signals with which</p> <p>“When consumers: activate their browser’s 'Do Not-Track’ function, this is a clear message: they don’t want their surfing behavior to be spied on for advertising and other purposes,” says Rosemarie Rodden, legal expert at vzbv. “Website operators must respect this signal.”</p> <p>Objection ignored against tracking</p> <p>Internet surfers can tell via their browser that the websites visited receive a “do-not track” (DNT) signal. It sends their wish that the online activities are not tracked and evaluated. LinkedIn had announced on its website that it did not respond to such DNT signals. Thus, against the will of the users, personal data such as the IP address and information about the use of the website can also be evaluated for analysis and marketing purposes, including third-party providers. </p> <p>Objection ignored against tracking</p> <p>Internet surfers can tell via their browser that the websites visited receive a “do-not track” (DNT) signal. It sends their wish that the online activities are not tracked and evaluated. LinkedIn had announced on its website that it did not respond to such DNT signals. Thus, against the will of the users, personal data such as the IP address and information about the use of the website can also be evaluated for analysis and marketing purposes, including third-party providers. </p> <p><a href="https://www.vzbv.de/urteile/gericht-untersagt-datenschutzverstoesse-von-linkedin">Sauce</a></p> Let's talk about CORS & frontend with vite Nicolás Danelón Mon, 24 Jul 2023 15:33:50 +0000 https://dev.to/nicolasdanelon/lets-talk-about-cors-frontend-with-vite-english-version-43k3 https://dev.to/nicolasdanelon/lets-talk-about-cors-frontend-with-vite-english-version-43k3 <p>I often find myself developing websites with React or Preact.<br> Lately, Preact has become my favorite, as it's much faster and lighter.</p> <p>Sometimes I don't need to use a real server—for example, when I'm teaching a class, making a demo, or working without internet. It's also helpful when I need to simulate requests to a server, even if it's local.</p> <p>To test my frontend, I create a simple PHP file that reads the data sent via POST and returns a JSON object similar to the one that the real server would provide.</p> <p><em>(At the end of the article, there is a Node.js version of the PHP server.)</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php <span class="nt">-S</span> 127.0.0.1 <span class="nt">-t</span> server.php </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="cp">&lt;?php</span> <span class="nv">$json</span> <span class="o">=</span> <span class="nb">file_get_contents</span><span class="p">(</span><span class="s1">'php://input'</span><span class="p">);</span> <span class="nv">$data</span> <span class="o">=</span> <span class="nb">json_decode</span><span class="p">(</span><span class="nv">$json</span><span class="p">,</span> <span class="kc">true</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="k">isset</span><span class="p">(</span><span class="nv">$data</span><span class="p">[</span><span class="s1">'username'</span><span class="p">])</span> <span class="o">||</span> <span class="o">!</span><span class="k">isset</span><span class="p">(</span><span class="nv">$data</span><span class="p">[</span><span class="s1">'password'</span><span class="p">]))</span> <span class="p">{</span> <span class="nb">http_response_code</span><span class="p">(</span><span class="mi">400</span><span class="p">);</span> <span class="k">echo</span> <span class="nb">json_encode</span><span class="p">([</span> <span class="s1">'status'</span> <span class="o">=&gt;</span> <span class="s1">'error'</span><span class="p">,</span> <span class="s1">'message'</span> <span class="o">=&gt;</span> <span class="s1">'Username or password not provided'</span> <span class="p">]);</span> <span class="k">exit</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nv">$data</span><span class="p">[</span><span class="s1">'username'</span><span class="p">]</span> <span class="o">===</span> <span class="s1">'nicolas'</span> <span class="o">&amp;&amp;</span> <span class="nv">$data</span><span class="p">[</span><span class="s1">'password'</span><span class="p">]</span> <span class="o">===</span> <span class="s1">'Correct-h0rse-Battery-staple'</span><span class="p">)</span> <span class="p">{</span> <span class="k">echo</span> <span class="nb">json_encode</span><span class="p">([</span> <span class="s1">'status'</span> <span class="o">=&gt;</span> <span class="s1">'success'</span><span class="p">,</span> <span class="s1">'token'</span> <span class="o">=&gt;</span> <span class="s1">'fake_token'</span> <span class="p">]);</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nb">http_response_code</span><span class="p">(</span><span class="mi">401</span><span class="p">);</span> <span class="k">echo</span> <span class="nb">json_encode</span><span class="p">([</span> <span class="s1">'status'</span> <span class="o">=&gt;</span> <span class="s1">'error'</span><span class="p">,</span> <span class="s1">'message'</span> <span class="o">=&gt;</span> <span class="s1">'Invalid username or password'</span> <span class="p">]);</span> <span class="p">}</span> </code></pre> </div> <p>I like to use PHP because it has no dependencies, which is great for a demo. But this code doesn't work. The error is:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>Response body is not available to scripts <span class="o">(</span>Reason: CORS Failed<span class="o">)</span> </code></pre> </div> <p>After reading the title, you might have guessed that the error comes from CORS. But what is CORS?</p> <p>CORS stands for Cross-Origin Resource Sharing. It is a security mechanism that allows you to control who can access the server's resources.</p> <p>So, all I have to add to my PHP code is a couple of HTTP headers, right?<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="cp">&lt;?php</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Content-Type: application/json'</span><span class="p">);</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Origin: http://localhost:5173'</span><span class="p">);</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Methods: POST'</span><span class="p">);</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Headers: Content-Type'</span><span class="p">);</span> </code></pre> </div> <p>My code still doesn't work! My request doesn't reach the server. But why?</p> <p>Upon inspection, Axios is sending a request before the POST request I'm making. This first request is known as a "preflight request." It's an OPTIONS request; it only asks the server for the types of requests that are allowed. Knowing that, let's modify our headers and add a small if-statement:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="c1">// headers</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Methods: POST, OPTIONS'</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="nv">$_SERVER</span><span class="p">[</span><span class="s1">'REQUEST_METHOD'</span><span class="p">]</span> <span class="o">===</span> <span class="s1">'OPTIONS'</span><span class="p">)</span> <span class="p">{</span> <span class="nb">http_response_code</span><span class="p">(</span><span class="mi">200</span><span class="p">);</span> <span class="k">exit</span><span class="p">;</span> <span class="p">}</span> <span class="c1">// fake login</span> </code></pre> </div> <p>Now it works! Generally, browsers try to enforce the "Same Origin" policy, which limits how JavaScript code that's running in one origin can access resources in another origin. (Origins can be domains, protocols, or ports.)</p> <p>Finally, our PHP code looks like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="cp">&lt;?php</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Content-Type: application/json'</span><span class="p">);</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Origin: http://localhost:5173'</span><span class="p">);</span> <span class="c1">// CORS</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Methods: POST, OPTIONS'</span><span class="p">);</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Headers: Content-Type'</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="nv">$_SERVER</span><span class="p">[</span><span class="s1">'REQUEST_METHOD'</span><span class="p">]</span> <span class="o">===</span> <span class="s1">'OPTIONS'</span><span class="p">)</span> <span class="p">{</span> <span class="nb">http_response_code</span><span class="p">(</span><span class="mi">200</span><span class="p">);</span> <span class="k">exit</span><span class="p">;</span> <span class="p">}</span> <span class="nv">$json</span> <span class="o">=</span> <span class="nb">file_get_contents</span><span class="p">(</span><span class="s1">'php://input'</span><span class="p">);</span> <span class="nv">$data</span> <span class="o">=</span> <span class="nb">json_decode</span><span class="p">(</span><span class="nv">$json</span><span class="p">,</span> <span class="kc">true</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="k">isset</span><span class="p">(</span><span class="nv">$data</span><span class="p">[</span><span class="s1">'username'</span><span class="p">])</span> <span class="o">||</span> <span class="o">!</span><span class="k">isset</span><span class="p">(</span><span class="nv">$data</span><span class="p">[</span><span class="s1">'password'</span><span class="p">]))</span> <span class="p">{</span> <span class="nb">http_response_code</span><span class="p">(</span><span class="mi">400</span><span class="p">);</span> <span class="k">echo</span> <span class="nb">json_encode</span><span class="p">([</span> <span class="s1">'status'</span> <span class="o">=&gt;</span> <span class="s1">'error'</span><span class="p">,</span> <span class="s1">'message'</span> <span class="o">=&gt;</span> <span class="s1">'Username or password not provided'</span> <span class="p">]);</span> <span class="k">exit</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nv">$data</span><span class="p">[</span><span class="s1">'username'</span><span class="p">]</span> <span class="o">===</span> <span class="s1">'nicolas'</span> <span class="o">&amp;&amp;</span> <span class="nv">$data</span><span class="p">[</span><span class="s1">'password'</span><span class="p">]</span> <span class="o">===</span> <span class="s1">'Correct-h0rse-Battery-staple'</span><span class="p">)</span> <span class="p">{</span> <span class="k">echo</span> <span class="nb">json_encode</span><span class="p">([</span> <span class="s1">'status'</span> <span class="o">=&gt;</span> <span class="s1">'success'</span><span class="p">,</span> <span class="s1">'token'</span> <span class="o">=&gt;</span> <span class="s1">'fake_token'</span> <span class="p">]);</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nb">http_response_code</span><span class="p">(</span><span class="mi">401</span><span class="p">);</span> <span class="k">echo</span> <span class="nb">json_encode</span><span class="p">([</span> <span class="s1">'status'</span> <span class="o">=&gt;</span> <span class="s1">'error'</span><span class="p">,</span> <span class="s1">'message'</span> <span class="o">=&gt;</span> <span class="s1">'Invalid username or password'</span> <span class="p">]);</span> <span class="p">}</span> </code></pre> </div> <p>In case you don't have the PHP interpreter on your system, here's a version of the same program in Node.js with Express:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pnpm init <span class="o">&amp;&amp;</span> pnpm add express body-parser cors </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">bodyParser</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">body-parser</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">cors</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">cors</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nx">express</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">port</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">PORT</span> <span class="o">||</span> <span class="mi">3000</span><span class="p">;</span> <span class="nx">app</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span><span class="nx">bodyParser</span><span class="p">.</span><span class="nx">json</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span><span class="nx">cors</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nx">post</span><span class="p">(</span><span class="dl">"</span><span class="s2">/login</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">username</span><span class="p">,</span> <span class="nx">password</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">username</span> <span class="o">||</span> <span class="o">!</span><span class="nx">password</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span> <span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">400</span><span class="p">)</span> <span class="p">.</span><span class="nx">json</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">error</span><span class="dl">"</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Username or password not provided</span><span class="dl">"</span> <span class="p">});</span> <span class="k">return</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nx">username</span> <span class="o">===</span> <span class="dl">"</span><span class="s2">nicolas</span><span class="dl">"</span> <span class="o">&amp;&amp;</span> <span class="nx">password</span> <span class="o">===</span> <span class="dl">"</span><span class="s2">Correct-h0rse-Battery-staple</span><span class="dl">"</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nx">json</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">success</span><span class="dl">"</span><span class="p">,</span> <span class="na">token</span><span class="p">:</span> <span class="dl">"</span><span class="s2">fake_token</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">res</span> <span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">401</span><span class="p">)</span> <span class="p">.</span><span class="nx">json</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">error</span><span class="dl">"</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Invalid username or password</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="p">});</span> <span class="nx">app</span><span class="p">.</span><span class="nx">listen</span><span class="p">(</span><span class="nx">port</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="s2">`Node.js server running at http://localhost:</span><span class="p">${</span><span class="nx">port</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>Cover credits:</p> <ul> <li><a href="https://chat.openai.com/">Prompt generated with ChatGPT</a></li> <li><a href="https://scribblediffusion.com/">Text to image with Scribble Diffusion</a></li> <li><a href="https://labs.openai.com/">Content-Aware Scale-like with DALL.e</a></li> <li><a href="https://www.photopea.com/">Resize and adjustments with Photopea</a></li> </ul> vite cors node php Hablemos de CORS & frontend con vite Nicolás Danelón Sun, 23 Jul 2023 19:20:15 +0000 https://dev.to/nicolasdanelon/hablemos-de-cors-frontend-con-vite-version-en-espanol-496d https://dev.to/nicolasdanelon/hablemos-de-cors-frontend-con-vite-version-en-espanol-496d <p>A menudo me encuentro desarrollando sitios con react o preact. Ultimamente preact es mi favorito, mucho mas rapido y liviano. A veces no es necesario usar un servidor real, estoy dando clases, haciendo una demo o simplemente estoy trabajando sin internet y necesito simular requests a un servidor aunque sea local.</p> <p>Entonces como quiero probar mi frontend hice un simple archivo php que va a leer lo que le mande por POST y por ahora va a devolver json similar al que me va a dar el servidor real.</p> <p><em>(Al final del artículo hay una version node del servidor php)</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php <span class="nt">-S</span> 127.0.0.1 <span class="nt">-t</span> server.php </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="cp">&lt;?php</span> <span class="nv">$json</span> <span class="o">=</span> <span class="nb">file_get_contents</span><span class="p">(</span><span class="s1">'php://input'</span><span class="p">);</span> <span class="nv">$data</span> <span class="o">=</span> <span class="nb">json_decode</span><span class="p">(</span><span class="nv">$json</span><span class="p">,</span> <span class="kc">true</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="k">isset</span><span class="p">(</span><span class="nv">$data</span><span class="p">[</span><span class="s1">'username'</span><span class="p">])</span> <span class="o">||</span> <span class="o">!</span><span class="k">isset</span><span class="p">(</span><span class="nv">$data</span><span class="p">[</span><span class="s1">'password'</span><span class="p">]))</span> <span class="p">{</span> <span class="nb">http_response_code</span><span class="p">(</span><span class="mi">400</span><span class="p">);</span> <span class="k">echo</span> <span class="nb">json_encode</span><span class="p">([</span> <span class="s1">'status'</span> <span class="o">=&gt;</span> <span class="s1">'error'</span><span class="p">,</span> <span class="s1">'message'</span> <span class="o">=&gt;</span> <span class="s1">'Username or password not provided'</span> <span class="p">]);</span> <span class="k">exit</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nv">$data</span><span class="p">[</span><span class="s1">'username'</span><span class="p">]</span> <span class="o">===</span> <span class="s1">'nicolas'</span> <span class="o">&amp;&amp;</span> <span class="nv">$data</span><span class="p">[</span><span class="s1">'password'</span><span class="p">]</span> <span class="o">===</span> <span class="s1">'Correct-h0rse-Battery-staple'</span><span class="p">)</span> <span class="p">{</span> <span class="k">echo</span> <span class="nb">json_encode</span><span class="p">([</span> <span class="s1">'status'</span> <span class="o">=&gt;</span> <span class="s1">'success'</span><span class="p">,</span> <span class="s1">'token'</span> <span class="o">=&gt;</span> <span class="s1">'fake_token'</span> <span class="p">]);</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nb">http_response_code</span><span class="p">(</span><span class="mi">401</span><span class="p">);</span> <span class="k">echo</span> <span class="nb">json_encode</span><span class="p">([</span> <span class="s1">'status'</span> <span class="o">=&gt;</span> <span class="s1">'error'</span><span class="p">,</span> <span class="s1">'message'</span> <span class="o">=&gt;</span> <span class="s1">'Invalid username or password'</span> <span class="p">]);</span> <span class="p">}</span> </code></pre> </div> <p>Uso php porque no tiene dependencias, para una demo alcanza y sobra. Pero este código no funciona. El error que veo en la consola dice:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Response body is not available to scripts (Reason: CORS Failed) </code></pre> </div> <p>A estas alturas, sobre todo despues de haber leido el titulo, ya sabemos por donde viene el error. Pero qué es CORS?</p> <p>CORS son las siglas de Cross-Origin Resource Sharing. Es un mecanismo de seguridad que permite especificar quien puede acceder a los recursos del servidor.</p> <p>Entonces lo unico que tengo que agregar a mi codigo php es un par de headers http, verdad?<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="cp">&lt;?php</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Content-Type: application/json'</span><span class="p">);</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Origin: http://localhost:5173'</span><span class="p">);</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Methods: POST'</span><span class="p">);</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Headers: Content-Type'</span><span class="p">);</span> </code></pre> </div> <p>Mi código sigue sin funcionar! Mi request no llega al servidor, pero por que?</p> <p>Aparentemetne axios está haciendo un request antes del request POST que tiene el JSON con mis credenciales. A este request se lo conoce como una "preflight request" o solicitud previa. Es un request que tiene el verbo OPTIONS y lo unico que hace es preguntar al servidor que tipos de request se puede hacer. Vamos a modificar nuestros headers y a agregaremos un pequeño if para este nuevo verbo:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="c1">// headers</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Methods: POST, OPTIONS'</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="nv">$_SERVER</span><span class="p">[</span><span class="s1">'REQUEST_METHOD'</span><span class="p">]</span> <span class="o">===</span> <span class="s1">'OPTIONS'</span><span class="p">)</span> <span class="p">{</span> <span class="nb">http_response_code</span><span class="p">(</span><span class="mi">200</span><span class="p">);</span> <span class="k">exit</span><span class="p">;</span> <span class="p">}</span> <span class="c1">// fake login</span> </code></pre> </div> <p>Ahora si! Ahora funciona! Generalmente los navegadores intentan asegurar la politica "Same origin" que impide que un código JavaScript en un origen (dominio, protocolo o puerto) pueda acceder a recursos en otro origen diferente.</p> <p>Nuestro código <code>php</code> finalmente quedaría así:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="cp">&lt;?php</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Content-Type: application/json'</span><span class="p">);</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Origin: http://localhost:5173'</span><span class="p">);</span> <span class="c1">// CORS</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Methods: POST, OPTIONS'</span><span class="p">);</span> <span class="nb">header</span><span class="p">(</span><span class="s1">'Access-Control-Allow-Headers: Content-Type'</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="nv">$_SERVER</span><span class="p">[</span><span class="s1">'REQUEST_METHOD'</span><span class="p">]</span> <span class="o">===</span> <span class="s1">'OPTIONS'</span><span class="p">)</span> <span class="p">{</span> <span class="nb">http_response_code</span><span class="p">(</span><span class="mi">200</span><span class="p">);</span> <span class="k">exit</span><span class="p">;</span> <span class="p">}</span> <span class="nv">$json</span> <span class="o">=</span> <span class="nb">file_get_contents</span><span class="p">(</span><span class="s1">'php://input'</span><span class="p">);</span> <span class="nv">$data</span> <span class="o">=</span> <span class="nb">json_decode</span><span class="p">(</span><span class="nv">$json</span><span class="p">,</span> <span class="kc">true</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="k">isset</span><span class="p">(</span><span class="nv">$data</span><span class="p">[</span><span class="s1">'username'</span><span class="p">])</span> <span class="o">||</span> <span class="o">!</span><span class="k">isset</span><span class="p">(</span><span class="nv">$data</span><span class="p">[</span><span class="s1">'password'</span><span class="p">]))</span> <span class="p">{</span> <span class="nb">http_response_code</span><span class="p">(</span><span class="mi">400</span><span class="p">);</span> <span class="k">echo</span> <span class="nb">json_encode</span><span class="p">([</span> <span class="s1">'status'</span> <span class="o">=&gt;</span> <span class="s1">'error'</span><span class="p">,</span> <span class="s1">'message'</span> <span class="o">=&gt;</span> <span class="s1">'Username or password not provided'</span> <span class="p">]);</span> <span class="k">exit</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nv">$data</span><span class="p">[</span><span class="s1">'username'</span><span class="p">]</span> <span class="o">===</span> <span class="s1">'nicolas'</span> <span class="o">&amp;&amp;</span> <span class="nv">$data</span><span class="p">[</span><span class="s1">'password'</span><span class="p">]</span> <span class="o">===</span> <span class="s1">'Correct-h0rse-Battery-staple'</span><span class="p">)</span> <span class="p">{</span> <span class="k">echo</span> <span class="nb">json_encode</span><span class="p">([</span> <span class="s1">'status'</span> <span class="o">=&gt;</span> <span class="s1">'success'</span><span class="p">,</span> <span class="s1">'token'</span> <span class="o">=&gt;</span> <span class="s1">'fake_token'</span> <span class="p">]);</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nb">http_response_code</span><span class="p">(</span><span class="mi">401</span><span class="p">);</span> <span class="k">echo</span> <span class="nb">json_encode</span><span class="p">([</span> <span class="s1">'status'</span> <span class="o">=&gt;</span> <span class="s1">'error'</span><span class="p">,</span> <span class="s1">'message'</span> <span class="o">=&gt;</span> <span class="s1">'Invalid username or password'</span> <span class="p">]);</span> <span class="p">}</span> </code></pre> </div> <p>Es posible que no tengas el interprete de php en tu sistema, acá podés encontrar prácticamente el mismo código en nodejs con express:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pnpm init <span class="o">&amp;&amp;</span> pnpm add express body-parser cors </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">bodyParser</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">body-parser</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">cors</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">cors</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nx">express</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">port</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">PORT</span> <span class="o">||</span> <span class="mi">3000</span><span class="p">;</span> <span class="nx">app</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span><span class="nx">bodyParser</span><span class="p">.</span><span class="nx">json</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span><span class="nx">cors</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nx">post</span><span class="p">(</span><span class="dl">"</span><span class="s2">/login</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">username</span><span class="p">,</span> <span class="nx">password</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">username</span> <span class="o">||</span> <span class="o">!</span><span class="nx">password</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span> <span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">400</span><span class="p">)</span> <span class="p">.</span><span class="nx">json</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">error</span><span class="dl">"</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Username or password not provided</span><span class="dl">"</span> <span class="p">});</span> <span class="k">return</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nx">username</span> <span class="o">===</span> <span class="dl">"</span><span class="s2">nicolas</span><span class="dl">"</span> <span class="o">&amp;&amp;</span> <span class="nx">password</span> <span class="o">===</span> <span class="dl">"</span><span class="s2">Correct-h0rse-Battery-staple</span><span class="dl">"</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nx">json</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">success</span><span class="dl">"</span><span class="p">,</span> <span class="na">token</span><span class="p">:</span> <span class="dl">"</span><span class="s2">fake_token</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">res</span> <span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">401</span><span class="p">)</span> <span class="p">.</span><span class="nx">json</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">error</span><span class="dl">"</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Invalid username or password</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="p">});</span> <span class="nx">app</span><span class="p">.</span><span class="nx">listen</span><span class="p">(</span><span class="nx">port</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="s2">`Servidor Node.js ejecutándose en http://localhost:</span><span class="p">${</span><span class="nx">port</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>Créditos del cover:</p> <ul> <li><a href="https://chat.openai.com/">Prompt generated with ChatGPT</a></li> <li><a href="https://scribblediffusion.com/">Text to image with Scribble Diffusion</a></li> <li><a href="https://labs.openai.com/">Content-Aware Scale-like with DALL.e</a></li> <li><a href="https://www.photopea.com/">Resize and adjustments with Photopea</a></li> </ul> vite cors node php