Nuxt proxy to Laravel server route to avoid CORS and make sessions work

[...].ts

import { joinURL } from 'ufo'

// Full relative path: server/api/[...].ts
export default defineEventHandler((event) => {
  const config = useRuntimeConfig(event)

  const headers = new Headers()

  headers.set('cookie', getRequestHeader(event, 'cookie')!)

  // Read XSRF-TOKEN cookie set by Laravel
  const xsrfToken = getCookie(event, 'XSRF-TOKEN')

  // Send it back to Laravel as X-XSRF-TOKEN header
  if (xsrfToken) {
    headers.append('X-XSRF-TOKEN', xsrfToken)
  }

  const targetURL = joinURL(
    // example: NUXT_PUBLIC_API_URL=http://my-laravel-app
    config.public.apiUrl,

    // remove `/api` prefix from Nuxt request.
    // From: http://my-nuxt-app/api/proxy-this-to-laravel
    // To: http://my-laravel-app/proxy-this-to-laravel
    event.path.replace('/api', ''),
  )

  return proxyRequest(event, targetURL, {
    headers: Object.fromEntries(headers),
    fetchOptions: {
      redirect: 'manual',
    },
  })
})