[solved] Parse-server domain

mbezaman · April 25, 2023, 6:30am

i am using the parse-server-migration setup in the authService.ts file:

const result = await Moralis.Auth.requestMessage({
address,
chain,
networkType,
domain: url.hostname,
uri: url.toString(),
statement: url.hostname,
notBefore: now.toISOString(),
expirationTime: expirationTime.toISOString(),
timeout: TIMEOUT,
});

my parser-server domain is different than the dapp domain. so i always get the metamask unsafe deceptive site notification because the domains are different. if my server and my dapp are on two different domains, how can i avoid this message? or do they both have to be on the same domain

cryptokid · April 24, 2023, 6:44pm

You can use there the domain from where the site is accessed by MetaMask. The domains for parse server and dapp don’t have to be the same

mbezaman · April 24, 2023, 7:19pm

right but when i do that, i always get the unsafe deceptive site notification unfortunately. i set the domain to the domain of my dapp.

cryptokid · April 24, 2023, 7:32pm

use the other domain there in code, the one for the app so that you don’t get that warning any more, just replace url.hostname with the app domain

mbezaman · April 24, 2023, 9:27pm

i added the domain of the dapp to the request message but still the same result. weird.

parse-server = www.mydapp-api.net (hosted on aws)
dapp = www.mydapp.net

the dapp calls the cloudfunction :
const { message } = await Moralis.Cloud.run(‘requestMessage’, {
address: address,
chain: chain.id,
networkType: ‘evm’,
});

the cloud function then calls the requestmessage function in authService.ts:
const result = await Moralis.Auth.requestMessage({
address,
chain,
networkType,
domain: ‘www.mydapp.net’,
uri: url.toString(),
statement: STATEMENT,
notBefore: now.toISOString(),
expirationTime: expirationTime.toISOString(),
timeout: TIMEOUT,
});

so the domain in the message now matches the dapp domain, but still the unsafe message.

mbezaman · April 24, 2023, 10:25pm

so i thought the uri i didn’t matter but it does. it seems to be working now by making sure the domain and the uri are the same:

const result = await Moralis.Auth.requestMessage({
address,
chain,
networkType,
domain: ‘www.mydapp.net’,
uri: ‘https://www.mydapp.net’,
statement: STATEMENT,
notBefore: now.toISOString(),
expirationTime: expirationTime.toISOString(),
timeout: TIMEOUT,
});

appreciate the help. thx!