support-questions
  • k

    Killian

    08/17/2022, 5:25 AM
    Hi, I was wondering how I can immediately update the token? Whenever I create a user, I add a role to the user in the override, but I can't access those roles on the frontend (react-native) until I log out and back in. So how can I make the effect take place immediately?
    r
    • 2
    • 48
  • a

    adyus

    08/17/2022, 4:39 PM
    Hi there. I'm having an annoying issue during local development and I can't figure it out after Googling and searching here. `sIRTFrontend` keeps getting reset to `remove` after logging in. I'm using code from the Vue.js example included in the web-js repo (https://github.com/supertokens/supertokens-web-js/tree/master/examples/vuejs/with-thirdpartyemailpassword), but with EmailPassword instead of ThirdPartyEmailPassword. That's the only code change from the sample. I'm using a Python backend using FastAPI, running on `http://localhost:8000`. Frontend is running at `http://localhost:8080`. Here are my settings: Frontend:
    js
    VITE_API_URL=http://localhost:8000
    VITE_API_BASEPATH=/api/v1/auth
    VITE_WEB_URL=http://localhost:8080
    js
    const apiDomain = import.meta.env.VITE_API_URL;
    const apiBasePath = import.meta.env.VITE_API_BASEPATH;
    
    SuperTokens.init({
      appInfo: {
        appName: "Test",
        apiDomain,
        apiBasePath,
      },
      recipeList: [Session.init(), EmailPassword.init()],
      // enableDebugLogs: true,
    });
    Backend:
    python
    SUPERTOKENS_URL = os.environ.get("SUPERTOKENS_URL", "http://localhost:3567")
    SUPERTOKENS_API_KEY = os.environ.get("SUPERTOKENS_API_KEY", "someRandomKey")
    SUPERTOKENS_WEBSITE_DOMAIN = os.environ.get(
        "SUPERTOKENS_WEBSITE_DOMAIN", "http://localhost:8080"
    )
    SUPERTOKENS_API_DOMAIN = os.environ.get(
        "SUPERTOKENS_API_DOMAIN", "http://localhost:8000"
    )
    python
    supertokens_init(
        app_info=InputAppInfo(
            app_name="Test",
            api_domain=SUPERTOKENS_API_DOMAIN,
            website_domain=SUPERTOKENS_WEBSITE_DOMAIN,
            api_base_path="/api/v1/auth",  # Remember to set this on the frontend as well
        ),
        supertokens_config=SupertokensConfig(
            connection_uri=SUPERTOKENS_URL, api_key=SUPERTOKENS_API_KEY
        ),
        framework="fastapi",
        recipe_list=[
            st_session.init(),  # initializes session features
            st_emailpassword.init(),
            st_userroles.init(),
        ],
        mode="asgi",
    )
    r
    • 2
    • 94
  • t

    thethiny

    08/17/2022, 11:16 PM
    Hi
  • t

    thethiny

    08/17/2022, 11:16 PM
    I'm writing to you guys from the UAE and unfortunately supertokens is banned here, would like to get your insight on it please.
    r
    k
    p
    • 4
    • 72
  • r

    rp

    08/18/2022, 3:19 AM
    Issue in UAE
  • k

    Killian

    08/18/2022, 5:19 AM
    Hi again! I'm trying to do signinup with apple, as I have google working. When I do the same with Apple, it throws an error on the backend.
    javascript
    console.log(credential.authorizationCode);
    
          await axios
            .post(
              `${API_DOMAIN}/auth/signinup`,
              {
                redirectURI: "com.demoapp:/oauthredirect",
                thirdPartyId: "apple",
                code: credential.authorizationCode,
                clientId: "MY CLIENT ID",
              },
              {
                headers: {
                  rid: "thirdpartyemailpassword",
                },
              }
            )
    r
    n
    • 3
    • 73
  • e

    EdwinN1337

    08/18/2022, 9:26 AM
    Hello, somehow our cookies are being set twice. Due to that, the refresh endpoint returns a 401
    n
    r
    • 3
    • 18
  • n

    nkshah2

    08/18/2022, 10:00 AM
    cookie set twice
  • s

    surajpalai

    08/18/2022, 12:06 PM
    Hi team, Not able to refresh the session even though on verifying the session it gets verified correctly. All the required data are being sent in cookies. Note: We are working on aws lambda setup. Thanks in advance "headers": { "Accept": "*/*", "Accept-Encoding": "gzip, deflate, br", "Cache-Control": "no-cache", "Cookie": "deviceId=609pSAj+pjTqjQ7WvGA+AfvE9saGHMjRuqqYJiHc5Oc=; preAuthSessionId=AEUlYDdZqQ4eU5KhHruu4ae9aWjr4DkBj2APK362j-4=; sAccessToken=<omitted>; sIdRefreshToken=3e797a2f-fb0e-4c73-92db-bcff20439f1f; sRefreshToken=<omitted>; "rid": "session", } Response response: { multiValueHeaders: { 'Set-Cookie': [] }, body: '{"message":"unauthorised"}', statusCode: 401, headers: { 'Context-Type': 'application/json' } }
    r
    • 2
    • 5
  • u

    utku

    08/18/2022, 1:16 PM
    hi guys i want to use jwt on passwordless, i added jwt:{enabled:true} to session.init. I want to use AuthGuard and session decorator. i followed nestjs guide. But when i call some api i got error.
    Error: Cannot set headers after they are sent to the client
    AuthGuard
    typescript
    @Injectable()
    export class AuthGuard implements CanActivate {
      async canActivate(context: ExecutionContext): Promise<boolean> {
        const ctx = context.switchToHttp();
        let err = undefined;
        const resp = ctx.getResponse();
        await verifySession()(ctx.getRequest(), resp, (res) => {
          err = res;
        });
        if (resp.headersSent) {
          throw new STError({
            message: 'RESPONSE_SENT',
            type: 'RESPONSE_SENT',
          });
        }
        if (err) {
          throw err;
        }
        return true;
      }
    }
    r
    p
    • 3
    • 17
  • n

    NicolasAlt

    08/18/2022, 3:42 PM
    Hi folks, we are investigating Supertokens to figure out whether this service supports our use-cases. Questions:
  • n

    NicolasAlt

    08/18/2022, 3:42 PM
    - Is there a support for robots? I.e. some pre-approved PAT or similar, that doesn't expire
    r
    • 2
    • 7
  • n

    NicolasAlt

    08/18/2022, 3:44 PM
    - Is there support for device logins? Workflow: the user runs a CLI, it generates a link that the user opens in the browser. If the user is logged in, the login finishes in the CLI automatically. If not, they can log in/signup first
    r
    j
    • 3
    • 21
  • n

    NicolasAlt

    08/18/2022, 3:49 PM
    - Is it possible to provide user traits on signup? For example, we know their email if they subscribed to our newsletter, and then they signup with a Github account. We'd like to save the email as a user "email" property (or as a custom property)
    r
    • 2
    • 21
  • r

    rp

    08/18/2022, 3:57 PM
    robots support
  • a

    aV

    08/18/2022, 4:02 PM
    hey @rp i have a where a user registers using supertokens on frontend and after successful registration posts a create account request to our backend api. Backend API generates a new account id for the supertokens user and adds the account id to user's supertokens metadata. Logic for this is here:
    go
    // add the account id to the user's supertoken metadata
        _, err = usermetadata.UpdateUserMetadata(req.UserId, map[string]interface{}{
            "account_id": newAcc.Id,
        })
        if err != nil {
            logx.Errorf("error updating user metadata: %v", err)
            return nil, xerr.UpdateUserMetadataFailed
        }
    but the problem here is that when I try to create an account with a fake UUID, a successful metadata update happens even if no user with such id exists on supertokens. I am trying to throw an error if the userid does not exist but it seems that no err is returned by above function all error handling is skipped. here is the list of users registered in supertokens from frontend:
  • a

    aV

    08/18/2022, 4:02 PM
    message has been deleted
  • a

    aV

    08/18/2022, 4:03 PM
    and here is the list of users userid (fake id) whose metadata i tried to update
  • a

    aV

    08/18/2022, 4:03 PM
    message has been deleted
  • a

    aV

    08/18/2022, 4:04 PM
    usermetadata.UpdateUserMetadata function should throw an error if the user does not exist
    r
    • 2
    • 7
  • a

    aV

    08/18/2022, 4:04 PM
    can you have a look at it please
  • n

    NicolasAlt

    08/18/2022, 4:30 PM
    If user is registered via Github, is it possible to force them to enter and confirm an email?
    r
    • 2
    • 10
  • r

    rp

    08/18/2022, 4:31 PM
    You mean make them do the email verification flow even though github says that their email is verified?
  • d

    dreamer

    08/18/2022, 6:04 PM
    Hello! Heard about Supertokens through Fireship on youtube and am intrigued about using it in a personal project currently in development. For the sake of development if I wanted to use the managed service provided initially but at a later point wanted to self host is there a migration process (whether paid or free) to support this transition or should I be committing to one or the other upfront?
    r
    • 2
    • 5
  • y

    yzs

    08/19/2022, 6:31 AM
    Type '{ mode: string; }' is not assignable to type 'TypeInputEmailVerificationFeature'.
      Object literal may only specify known properties, and 'mode' does not exist in type 'TypeInputEmailVerificationFeature'.ts(2322)
    hi! is this normal?
    r
    • 2
    • 8
  • y

    yiannis.gkoufas

    08/19/2022, 9:34 AM
    Hello! I am trying to enable the email verification feature in the thirdpartyemailpassword recipe but I am not sure about the configuration needed. If I do it like that:
    ThirdPartyEmailPassword.init({
                signInAndUpFeature: {
                    providers: [Google.init()],
                    disableDefaultUI: false,
                },
                emailVerificationFeature: {
                    mode: "REQUIRED"
                },
                getRedirectionURL: async (context) => {
                    if (context.action === "SIGN_IN_AND_UP") {
                        return "/";
                    }
                },
            }),
    i guess I have to create a new page and render the default component which is in /auth/verify-email?rid=thirdpartyemailpassword ?
    r
    • 2
    • 34
  • v

    Vishnu

    08/19/2022, 12:06 PM
    I cannot seem to change the colour of the font from black to white when I autocomplete the e-mail field. If I am typing it out, the colour is white. The behaviour applies only for autocomplete and not when I type it out manually
    r
    • 2
    • 8
  • f

    FinnTheHero

    08/19/2022, 1:18 PM
    Has anyone tried to build sveltekit with node-adapter and using supertokens-web-js module? I'm getting a module not found when trying to build a docker-image to use in production, runs fine in development mode 🤔
    r
    t
    • 3
    • 27
  • b

    Binouse

    08/19/2022, 2:04 PM
    Hi, when I'm calling my override functions I'm getting `Error: Initialisation not done. Did you forget to call the SuperTokens.init function?`. However I call Supertokens.init in my api/auth/[[...path]].tsx do you know why ?
    r
    • 2
    • 56
  • g

    gidgiddoni

    08/19/2022, 11:33 PM
    First time trying out ST, really just looking for inexpensive/simple auth. Currently I have an API in python (using Sanic framework) and I want to add some security so I can start having beta users try it out. There is no frontend at the moment so I really just need to get a username/password in headers and return a token that can be used after that to authenticate. Is this a supported use case? I have been browsing the recipes and they mostly seem geared around FE and BE working together.
    r
    • 2
    • 13
r

rp

08/20/2022, 4:10 AM
Hey!
If there is no frontend, how will the users use the app?
g

gidgiddoni

08/20/2022, 12:42 PM
programmatically. For example, user sends a post request to /auth with a username and password in the headers and is returned an access token that can then be passed to other api endpoints and validated using a middleware.
r

rp

08/20/2022, 12:43 PM
I see. So this is possible. Just follow the backend setup instructions
That will expose the APIs that the user can call
You may also want to override the session recipe to just issue a JWT instead of access / refresh token if you want to keep things simple for the user (otherwise they will have to read from and set cookies and take care of refreshing)
https://github.com/supertokens/supertokens-auth-react/tree/master/examples/with-jwt-localstorage/api-server
That’s an example of how you can customise the session recipe to issue a simple JWT instead of access / refresh tokens in cookies
g

gidgiddoni

08/20/2022, 12:50 PM
Okay that makes sense so far. 👍 For signing up new users, would I need to do that in the web console? Or how do I add them?
Also, I am using the Sanic framework for python, not sure if you are familiar. The python examples are all for other frameworks, is there a vanilla python example I could adapt? I'm actually considering changing the framework bc I've found a few other pain points where other tools don't integrate as well as I want.
r

rp

08/20/2022, 1:39 PM
We fully support django, flask and fastapi. If you want to use another framework, you will have to make APIs yourself in that framework which call the functions from our SDK
For example, we have a sign_up and sign_in function which you can call in your APIs which the frontend calls
In this case, the example I sent above is not really applicable since that assumes you are integrating with one of the frameworks that we do fully support