Is it true, that ``createNewSession`` get's called before ``emailPasswordSignUpPOST`` upon registration? I wanted to store a user in the db using ``emailPasswordSignUpPOST`` and store the information in the session using ``createNewSession``. Weirdly, this illustrations tells the opposite behaviour I am having: https://supertokens.com/docs/thirdpartyemailpassword/architecture

Is there a way to disable the /auth/signup and make it only available to add users through the admin panel?

Disable sign up

Hi, I am facing an issue with Google sign-in, email password sign is working. Below is my config

For some reason I can't call

/auth/signout

. Getting unauthorized errors. How exactly does that happen? 🤔

Unauthorised error in signOut

Hey guys, I have CSRF related question. We are using passwordless auth on our Python Django backend (we use Django Rest Framework). From Django CSRF settings I have configured the following:

python
CSRF_TRUSTED_ORIGINS=[domain_names]
CSRF_COOKIE_SECURE = True

The issue we are getting is that POST requests we are getting this response:

json
{
    "detail": "CSRF Failed: CSRF token missing."
}

I'm trying to add "firstname", "lastname" to the formFields(nodejs) in my backendConfig. I'm getting an error:

POST http://localhost:3000/api/auth/signup 400 (Bad Request)

here's my code in backendConfig():

recipeList: [
      EmailPasswordNode.init({
        signUpFeature: {
          formFields: [
            {
              id: "firstname",
            },
            {
              id: "lastname",
            },
          ],
        },
        override: {
          apis: (originalImplementation) => {
            return {
              ...originalImplementation,
              signUpPOST: async function (input) {
                if (originalImplementation.signUpPOST === undefined) {
                  throw Error("Shouldn't come here");
                }
                try {
                  const response = await originalImplementation.signUpPOST(
                    input
                  );
                  console.log("Response: ", response);
                  if (response.status === "OK") {
                    const formFields = input.formFields;
                    console.log("FormFields: ", formFields);
                  }
                } catch (err) {
                  console.log("Error: ", err.message);
                }

                return response;
              },
            };
          },
        },
      }),
      SessionNode.init(),
    ],
    isInServerlessEnv: true,

custom form field

Hey guys, could we potentially get exported types for the api methods e.g. https://github.com/supertokens/supertokens-node/blob/0e3d0e30437d69edcb881c9dfb589bbea2519a48/lib/ts/recipe/thirdpartyemailpassword/types.ts#L245 ? Something along the lines of:

export interface ThirdPartySignInUpPOSTInput {
              provider: TypeProvider;
              code: string;
              redirectURI: string;
              authCodeResponse?: any;
              clientId?: string;
              options: ThirdPartyAPIOptions;
              userContext: any;
}

@nadilas sure. Could you open an issue about this on our GitHub? We can work on this over the coming days / weeks

If you are here is an example code

sure, no problem: https://github.com/supertokens/supertokens-node/issues/299

Hey all, are there any known react 18 issues? Is it ok for ST to be used with React 18?

Is lambda authorizer work with http api gateway?

hello

im trying to implement supertokens to react native

during my process

i encountered an error

it came from a file downloaded from supertokens called

Hey 👋 me again with another problem. I use Supertokens for a Login into an app. It works fine on the webbrowser but when I try it on my smartphone via Capacitor.js I get a endless refresh loop when I call the doesSessionExist() function. Thanks in advance!

hey , i need to know if there is a way to use two diffrent signin pages , with diffrent recipies .

i looked into this link : https://github.com/supertokens/supertokens-auth-react/issues/18

but i dont quite understand how this can be done , can you elabrate

Hi again, I am trying to get password reset email open a deep link in my react native app. So I am posting user password request via

/api/auth/user/password/reset/token

and at the backend I get

user

and

passwordResetURLWithToken

params and I can customize the email, so far so good. What I would like to do here is pass additional info to backend

createAndSendCustomEmail

method so that I can generate deep links according to users OS etc and send the email correctly. If I pass additional info in the

formFields

obj I get the 'Are you sending too many / too few formFields ' 400 error. I would appreciate any pointers. Thanks.

Hello, i'm trying to create a magic link that will redirect to an URL (can be different on each magiclink), and without login page display. The magic link creation works, i have something like this (http://localhost:3000/dashboardhttp://localhost:3000/auth/verify?rid=passwordless&preAuthSessionId=*******) And I have this code on my front :

getRedirectionURL: async (context) => {
                if (context.action === "SUCCESS") {
                    if (context.redirectToPath !== undefined) {
                        // we are navigating back to where the user was before they authenticated
                        return context.redirectToPath;
                    }
                    return "/dashboard";
                }
                return undefined;
            }

but I don't see how to pass the

redirectToPath

to get it here Thanks for your help 🙂

Hi there, for frontend calls I'm not using either fetch or axios. It's umi-request. Which is not including authentication headers automatically. We're trying to create a custom interceptor but I don't know how to get the plain access token in order to include it in the headers. How can I do this?

using nextjs, is it possible to wrap my "app.js" in to be able to access any part of the site using useSessionContext()?

ok, thanks