unit testing

hi, i'm having a hard time getting 'supertokens-website' to work, help please 😅

attemptRefreshingSession

and

doesSessionExist

keep returning

false

ts
const api = axios.create({ baseURL: '/api', timeout: 5_000 });
SuperTokens.addAxiosInterceptors(api);

SuperTokens.init({
  apiDomain: 'http://localhost:3000',
  apiBasePath: '/api/auth',
});

async function signIn(form) {
  const res = await api.post('/auth/signin', form); 
  // {"status":"OK","user":{"email":"test@gmail.com","id":"de770ff7-4524-4108-994f-717c1d12bec4","timeJoined":1650956757303}}
  // the set-cookie headers are also present, and cookies are saved correctly

  const attemptRefreshingSession = await SuperTokens.attemptRefreshingSession();
  const doesSessionExist = await SuperTokens.doesSessionExist()
  console.log(attemptRefreshingSession, doesSessionExist); // false, false
}

also, on the backend

req.session

is

undefined

on all requests after signin

Session issue

hi everyone, I am trying to override the api on the 3rdparty+emailpassword as shown in the example: https://supertokens.com/docs/thirdpartyemailpassword/advanced-customizations/apis-override/usage specific I want to prevent a user signing up with the same email they already used for google sign in. for that I need to override the

emailpassword_email_exists_get

method (as I understand) the thing I am not sure about is how to query the db about a user with a specific email. I found this code in the source:

params = {
            'email': email
        }
        response = await Querier.get_instance("random").send_get_request(NormalisedURLPath('/recipe/user'), params)
        if 'status' in response and response['status'] == 'OK':
            return User(response['user']['id'], response['user']
            ['email'], response['user']['timeJoined'])

however it doesn't return the user I expect to find

We have helper functions that you can use to get a user based on their email.

Like thirdpartyemailpassword.asyncio.get_users_using_email

thanks @rp ! I can't find the method though in the supertokens-python source code, is it somewhere else?

thanks! was looking for get_users_using_email instead of get_users_by_email

works perfect now! thanks again

I'm having trouble with NestJS + GraphQL, I've seen there were older messages about this in discord but it didn't really help... Honestly I have no clue of how, according to the supertokens documentation of vanilla graphql on nodejs, this should be done:

ts
@Injectable()
export class GQLAuthGuard implements CanActivate {
  async canActivate(context: ExecutionContext): Promise<boolean> {
    const ctx = GqlExecutionContext.create(context).getContext();

    let err = undefined;
    // You can create an optional version of this by passing {sessionRequired: false} to verifySession
    await verifySession({ sessionRequired: false })(
      ctx.req,
      ctx.res,
      (res) => {
        err = res;
      },
    );

    if (ctx.res.headersSent) {
      throw new STError({
        message: 'RESPONSE_SENT',
        type: 'RESPONSE_SENT',
      });
    }

    if (err) {
      throw err;
    }

    return true;
  }
}

hi again! can i somehow seed few initial users into the database?

Yea. There r SDK helper functions for signing up users

Facing issue with handling logged out user using

onHandleEvent

for

supertokens-website

. Here's what I did 1. I logged out the user using

await supertokens.signOut();

2. I added

onHandleEvent

as following

supertokens.init({
    apiDomain: "...",
    onHandleEvent: (context) => {
        if (context.action === "UNAUTHORISED") {
            alert("You are not logged in");
            if (context.sessionExpiredOrRevoked) {
              console.log("Session expired or revoked")
            }
        }
    }
})

But I don't see any alert or console log

should i just go ahead even with this error?

i use django

and the stack trace is after starting the server

for context

im initializing supertokens

and in cors_allow_headers in settings

the get_all_cors_headers function seems to stop it from working

so when i take it out the server runs but with this message

can i move on or nah?

You can move ahead. It's just a warning. But you would need to hardcode the values returned by

cors_allow_headers

in your CORS setting anyway.

Morning! Firstly, big thank you for creating supertokens, loving it so far. However I'm getting stuck adding additional fields to the sign up form, following the guide here: https://supertokens.com/docs/emailpassword/common-customizations/signup-form/adding-fields I do step 1 and 2 - that all works fine, but then the next part seems to contradict step 2. I am assuming that this is instead of step 2 but it's not clear to me (I'm new to this). Secondly I'm aware supertokens wont store the data from the additional fields, so if I only do step 1 and 2, how do I handle the extra form field data on the backend? Thanks in advance!

[supertokens-node] Quick question about overriding reset password token, I am overriding generatePasswordResetTokenPOST to call user service to send reset email but generatePasswordResetTokenPOST returns only { status: ok }. Any way to access to reset token in the overridden function, so I can pass it to user service?

Yea. You can use the override.functions instead. And in that, there is a function for generating a password reset role which returns only the token

What’s the use case for doing this though?

Trying to understand the flow of the reset password request. I am using the default route (user/password/reset/token) and sending email that is requesting password reset. I am trying to get a mail sent to the email with the reset password link (that includes the token)