rp, sorry for interrupting again, I decided, I will try to refresh session during SSR and then proceed to call the backend API (without refresh). I don't understand what

sIRTFrontend

does. After login, the

sIRTFrontend

contains some string (uid?) same as

sIdRefreshToken

, but after page refresh, its content change to the 'remove', and

sRefreshToken

dissapears from cookies. I need that refresh token to refresh the session manually while SSR... How Can I retrieve the refresh token If

sIRTFrontend

contains 'remove'? Thank you

hey @User ,

sIRTFrontend

is meant to serve as a proxy to the frontend SDK to know if the refresh token (which is in httpOnly cookies) is still present or not. If the value of this is

remove

then it means that the session no longer exists.

If the access token is expired during SSR, the only solution you have is to try and refresh it via the flow I had described.

if this is not clear, I'd be happy to get on a quick implementation call to help figure this out 🙂

You can book a slot here: https://supertokens.io/call-user

ok, but is it normal for

refreshToken

to disapear?

accessToken

is present

that's weird..

now If I'll manually remove token (to test) there is no refresh ...

but after redirect to another subpage, website plugin find the refresh somehow and refresh token automaticly

so the refresh token is saved against the refresh API path

which is /auth/session/refresh

for chrome, if you navigate to that path in the browser (api domain), you will see the refresh token if it exists

or if you use firefox, you will see it all the time

hm, after navigation to

http://localhost:3000/api/auth

I'm getting the 404 from nuxt 😄

yea there isn't any API on /api/auth

and the API is actually POST /api/auth/session/refersh. IF you navigate via your browser, you are sending a GET request. But even with that, you should still see the refresh token in the cookie

hm, no refresh token is present somehow

What's the path you are on?

navigate to

http://localhost:3000/api/auth/session/refresh

and then check the cookie storage

😮 You are right, Is there another way to get the refresh token? (I need it at SSR)

so that's the thing. You can't. It's tied to that specific path for security reasons.

I see

The only solution is to send a loading spinner html to the frontend, and manually refresh the session as I had described

and then make the JS on that page reload the page post refresh session

Ok, got it, will try to do it somehow, thank you for rich explanation

happy to help 🙂

I think we should create a NuxtJS guide too for sessions 😅

Cause sessions in SSR is a tricky topic

Will share with you I I will be able to manage it 😄