Hello @everyone. If anyone is using the supertokens-website package, please be sure to use the latest released version - 3.2.9. It has fixes to critical bugs regarding sending custom headers to the backend + it’s compatibility with the browser-tabs-lock library.

Anyone who has used our library so far, have you encountered a bug regarding development of a website on localhost but querying your API on a non-localhost URL?

Hi there, can some one use supertokens with pasportjs (Oauth2) and express? I cant create express server without session as express-session, cookie-session and use only supertokens and use this with nextjs and SSR react

This is bad, i think, two sessions at one application

Hey @bustEXZ. You don’t need to use express sessions anymore. SuperTokens is a replacement for that. You can continue using passportJS

along with express server

@User Hi, thanks for reply. if i dont use session like this: this.app.use(cookieSession({ secret: process.env.SESSION_SECRET })); passport js drop server when start, with error -> req.session.authParams is not defined. because req.session not created. In supertokens documentation i dont find how to initiate this session with supertokens

@bustEXZ, so you can create a middleware with SuperTokens that verifies a session and creates an object (and put that in req), that passport JS expects.

If I end up writing an example of how this should work, I’ll surely share it here.

@rp hm, i have middleware but for auth required routes. /auth route doesn't have this middleware, because we doesn't have sessions yet. where i can create this session object in req?

if i add /auth route -> superTokenMiddleware

with -> const session = await SuperTokens.getSession(req, res, false);

getSession throw an error, and this is correct

What is the error that getSession throws?

with no user auth?

SuperTokens.Error.UNAUTHORISED

if i use this.app.use("/auth", superTokensMiddleware, AuthRouter);

and const session = await SuperTokens.getSession(req, res, false); req.session = session as any; in middleware

I see. And that still throws the passportJS error? Or does this work as expected?

if i try to auth user with passport js auth

because req.session was not created by anything

TypeError: Cannot set property 'authParams' of undefined

So now that u are creating req.session in the SuperTokens middleware, r u still getting req.session as undefined?

After SuperTokens middleware has run

if i do this: this.app.use("/auth", superTokensMiddleware, AuthRouter);

and const session = await SuperTokens.getSession(req, res, false); req.session = session as any;

this -> req.session = session as any; is not working, we going in catch

Okay. So did u first create a new session?

hm, empty?