the frontend part is missing

So you should follow https://supertokens.com/docs/emailpassword/nextjs/setting-up-frontend

but create the file in

pages/app/auth/[[...path]].js

he did create it but same issue

It shoudn't have given 404.. cause the page does exist

if it gave 404, there was a mistake in making the page. The place where the file was created must have been incorrect.

What's the best way to temporarily disable sign-up? I want to keep the existing users on my core.

If the supetoken-core is running in docker, How to allow cors origin? I am getting this error - "from origin 'http://localhost:3001' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'."

Hello, under which case does the verifySession middleware return

message: unauthorised

also what is the path of the function in the sdk.Tried to find but couldnt exactly locate it.

Can the VerifySession middleware be overridden directly?

You mean you want to change how it works? What’s your use case?

After the session is verified I want to query my mongo db with the email currently logged in and add it to my req object which would be needed in the controller.

A snippet of what we used to do previously.

This req.user is later used by different controllers.

I see. The way to solve this would be to create your own middleware which runs after our middleware which modifies the req object as per your logic

Fine. thats one of the options was thinking in case the supertokens middleware cant be changed. No Issues. Thanks.

Well. It can be. I’ll write up some code here soon which you can use to do that

Thanks, that would be of great help

@User you can do:

ts
function myCustomMiddleware(verifySessionOptions?: Session.VerifySessionOptions) {
    return async (req: express.Request, res: express.Response, next: express.NextFunction) => {
        try {
            let session = await Session.getSession(req, verifySessionOptions);
            if (session === undefined) {
                if (verifySessionOptions?.sessionRequired === false) {
                    return next();
                } else {
                    throw Error("Should never come here");
                }
            }

            let userId = session.getUserId();
            // TODO: fetch info from mongo and attach to req.user = ....
            next();
        } catch (err) {
            next(err);
        }
    }
}

app.get("/some-api", myCustomMiddleware(), (req, res) => {
    // TODO:...
})

note that the above requires that you have added the supertokens errorHandler to the your express app (should be done if you follow the backend quick setup correctly).

You can learn more about the

getSession

function here: https://supertokens.com/docs/thirdpartyemailpassword/common-customizations/sessions/session-verification-in-api/get-session

yep have added the error handler, would test this out.

cool!

If you send no sAccessToken and it returns a try refresh error with 401, it means that it works as expected.

cool, testing in a min.

It Works Amazing , thanks a lot ❤️‍🔥

Great!! 🙌

Understanding the sdk even better now XD

Hoping not to disturb so frequent now 🙂

Can we integrate this with spring ,sorry if my question is wrong

Hehe. Don’t worry about it