603466164219281420 #support-questions

js
import "https://cdn.jsdelivr.net/gh/supertokens/supertokens-website/bundle/bundle.js"

supertokens.init(
    {
        apiDomain: "http://localhost:8000",
        apiBasePath: "/auth",
    onHandleEvent: (context) => {
        if (context.action === "UNAUTHORISED") {
            // called when the user doesn't have a valid session but made a request that requires one
            // NOTE: This event can fire multiple times


            if (context.sessionExpiredOrRevoked) {
                // the sessionExpiredOrRevoked property is set to true if the current call cleared the session from storage
                // this happens only once, even if multiple tabs sharing the same session are open, making it useful for analytics purposes
                fetch("auth/session/refresh", {method: "POST"}).then(r =>{
                    if (r.status === 200) {
                        console.log("Session refreshed")
                    } else {
                        console.log("Session refresh failed")
                    }
                })
            }
        }
    }
});

Λ C Ξ L X R D

05/03/2022, 11:10 PM

I am using python fastapi for the backend, I want to be able to ask the user to re-login or be able to refresh their token if their token expired

Infatuation

05/04/2022, 12:15 AM

Hi! I'm trying to implement a custom provider for reddit. Details in the thread

23 replies · 2 participants

05/04/2022, 4:31 AM

Handling session expiry

KalibCheil

05/04/2022, 8:31 PM

Hi guys, I want to implement password reset on angularJS, is there a way or do I have to do it on the backend side?

9 replies · 3 participants

marshmalon

05/04/2022, 8:37 PM

Hello we are encountering a strange error where no matter how many times we use the refresh token our api route still returns a 401 unauthorised

marshmalon

05/04/2022, 8:37 PM

I can't seem to even force the api to work with a mocked request

solminded

05/04/2022, 9:58 PM

Hi, can someone share a payload example for facebook authentication

/api/auth/signinup

POST? I was not able to find any documentation or examples at Supertokens repo about it. I keep getting FIELD_ERROR but no other message is available looking at the backend response.

1 reply · 2 participants

marshmalon

05/04/2022, 10:53 PM

So I looked into it more. I have a main nextjs application where the main auth server is running and a separate flask api on a different subdomain that needs to verify sessions. When I am using the nextjs applications everything seems fine, but the flask application for some reason is not properly verifying the sessions. No matter how many times I refresh it seems to say the accessToken is invalid and gives a

TryRefreshToken

error. I am trying to see if I can log more information about the session using a test route that has

session_required=True

but still not sure why that disparity would exist. This error suddenly manifested after switching our domain to start using www

1 reply · 2 participants

nkshah2

05/05/2022, 3:18 AM

Try refresh token error

nkshah2

05/05/2022, 3:24 AM

Password reset

nkshah2

05/05/2022, 3:28 AM

Facebook field error

aminoxix 🇮🇳

05/05/2022, 7:46 AM

I want to know more about the GitHub repo mentioned below; using this I can integrate MongoDB from my auth sys? https://github.com/supertokens/supertokens-docker-mongodb

31 replies · 2 participants

PitchAsh

05/05/2022, 11:55 AM

With the passwordless recipe what is the recommended flow for updating a users email address including sending an otp / magic link and then finally updating the email address on supertokens with the verified address?

22 replies · 3 participants

PitchAsh

05/05/2022, 5:27 PM

We have some areas of our frontend that are accessed by anonymous users…. But since supertokens is initialised it’s just spams the refresh api route constantly. Is there a way to turn it off, or only call refresh when logged in?

17 replies · 2 participants

[Manicraft1001]

05/05/2022, 6:26 PM

Is it true, that ``createNewSession`` get's called before ``emailPasswordSignUpPOST`` upon registration? I wanted to store a user in the db using ``emailPasswordSignUpPOST`` and store the information in the session using ``createNewSession``. Weirdly, this illustrations tells the opposite behaviour I am having: https://supertokens.com/docs/thirdpartyemailpassword/architecture

16 replies · 2 participants

Λ C Ξ L X R D

05/05/2022, 8:55 PM

Is there a way to disable the /auth/signup and make it only available to add users through the admin panel?

27 replies · 2 participants

05/06/2022, 4:27 AM

Disable sign up

mogalmahesh

05/06/2022, 2:06 PM

Hi, I am facing an issue with Google sign-in, email password sign is working. Below is my config

60 replies · 2 participants

XxX_MLG Noob_XxX

05/06/2022, 5:15 PM

For some reason I can't call

/auth/signout

. Getting unauthorized errors. How exactly does that happen? 🤔

4 replies · 2 participants

05/06/2022, 7:03 PM

Unauthorised error in signOut

execreate

05/07/2022, 5:47 AM

Hey guys, I have CSRF related question. We are using passwordless auth on our Python Django backend (we use Django Rest Framework). From Django CSRF settings I have configured the following:

python
CSRF_TRUSTED_ORIGINS=[domain_names]
CSRF_COOKIE_SECURE = True

The issue we are getting is that POST requests we are getting this response:

json
{
    "detail": "CSRF Failed: CSRF token missing."
}

20 replies · 2 participants

funk101

05/07/2022, 1:21 PM

I'm trying to add "firstname", "lastname" to the formFields(nodejs) in my backendConfig. I'm getting an error:

POST http://localhost:3000/api/auth/signup 400 (Bad Request)

funk101

05/07/2022, 1:22 PM

here's my code in backendConfig():

recipeList: [
      EmailPasswordNode.init({
        signUpFeature: {
          formFields: [
            {
              id: "firstname",
            },
            {
              id: "lastname",
            },
          ],
        },
        override: {
          apis: (originalImplementation) => {
            return {
              ...originalImplementation,
              signUpPOST: async function (input) {
                if (originalImplementation.signUpPOST === undefined) {
                  throw Error("Shouldn't come here");
                }
                try {
                  const response = await originalImplementation.signUpPOST(
                    input
                  );
                  console.log("Response: ", response);
                  if (response.status === "OK") {
                    const formFields = input.formFields;
                    console.log("FormFields: ", formFields);
                  }
                } catch (err) {
                  console.log("Error: ", err.message);
                }

                return response;
              },
            };
          },
        },
      }),
      SessionNode.init(),
    ],
    isInServerlessEnv: true,

45 replies · 2 participants

05/08/2022, 4:43 AM

custom form field

nadilas

05/08/2022, 12:35 PM

Hey guys, could we potentially get exported types for the api methods e.g. https://github.com/supertokens/supertokens-node/blob/0e3d0e30437d69edcb881c9dfb589bbea2519a48/lib/ts/recipe/thirdpartyemailpassword/types.ts#L245 ? Something along the lines of:

export interface ThirdPartySignInUpPOSTInput {
              provider: TypeProvider;
              code: string;
              redirectURI: string;
              authCodeResponse?: any;
              clientId?: string;
              options: ThirdPartyAPIOptions;
              userContext: any;
}

05/08/2022, 12:48 PM

@nadilas sure. Could you open an issue about this on our GitHub? We can work on this over the coming days / weeks

nadilas

05/08/2022, 1:20 PM

If you are here is an example code