I spotted some kind of bug on the frontend that leaves the application in an unusable state

/api/auth/user/email/verify

raises the error

Error: Unknown User ID provided

(and makes the app unusable). Full Stack:

Error: Unknown User ID provided
    at Recipe.<anonymous> (/app/node_modules/supertokens-node/lib/build/recipe/thirdpartyemailpassword/recipe.js:129:27)
    at Generator.next (<anonymous>)
    at fulfilled (/app/node_modules/supertokens-node/lib/build/recipe/thirdpartyemailpassword/recipe.js:15:36)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)

I think this is related due to an account that was deleted but the

sAccessToken

,

sFrontToken

,

sIRTFrontend

and

sIdRefreshToken

cookies still be present on the frontend 🤔 After deleting the cookies from the dev tools everything works fine! Shouldn't the

supertokens-auth-react

library handle this and auto logout the user/unset the cookies? is this related to https://github.com/supertokens/supertokens-auth-react/issues/547 ? Happy to open a new issue otherwise!

We also found another scenario where our logs showed a lot of

[object Object]

logs, we pinned it down to the following code within our Next.js application:

const { backendConfig } = await import('@/config/backend-config');
const SupertokensNode = await import('supertokens-node');
const Session = await import('supertokens-node/recipe/session');
SupertokensNode.init(backendConfig());

// this throws the error
const session = await Session.getSession(context.req, context.res, { sessionRequired: false });

After debugging the error and manually printing it this is the actual error:

SessionError {
  type: 'TRY_REFRESH_TOKEN',
  message: 'Access token has expired. Please call the refresh API',
  payload: undefined,
  errMagic: 'ndskajfasndlfkj435234krjdsa',
  fromRecipe: 'session'
}

It seems like the error is not properly stringified (does not correctly extend/implement the Error class) as it seems to not pass the

nextjs

isError

check? Here is our debugging branch for figuring this out: https://github.com/kamilkisiela/graphql-hive/commit/63e66ab48335a3173d870c07a9510734b7f3c4af Furthermore, as this appears over and over again we also believe that this error is not properly handled on the frontend (

supertokens-auth-react

). I assume that if this happens the session cookies should be unset. Happy to open an issue on GitHub if there is no clear solution to this issue!

email verification for user that does not exist

I need to be able to "turn off" loginability for existing users. I wasn't able to find any initial reference in my "emailpassword" recipe to doing this. Do I have to "delete" a credential and lose their password to be able to turn off loginability for certain users?

Hi, I have a problem with signing up into my self-hosted backend. I was following instructions in https://supertokens.com/docs/emailpassword/quick-setup/backend. I am using Angular application, and I'm trying to integrate SuperTokens into my app. My backend is in the same project as the main app, could this be a problem? Thanks for help in advance!

Backend not working

Hi, I suspect that my docker image running the core is shutting down from time to time. I am hosting it on a digital ocean droplet. Do you have any ideas for why this might happen?

Core shutting down issue

Hiya! I was wondering if somebody has a usecase example for integrating supabase with supertokens, and not just using supabase auth?

Integrating with supabase

Hi, I'm trying to integrate SuperTokens into my Angular application, by following https://supertokens.com/docs/emailpassword/quick-setup/backend Adding frontend pre-built ui went smootly, however after adding these lines of code to main.ts into my app completely stops working, giving white page in browser and error in DevTools What do you mean in your guide by "Add the code below to your server's init file.", what file is it in angular app? Could you help me resolve this issue? Much thanks.

Angular + supertokens

Hi, Is there a way to get the user id from the request without calling the supertokens core (jn python)? Currently i do this:

python
session = await get_session(request, session_required=True)
user_id = session.user_id

Because i need the user id for every request, this havely slows down my api calls.

Hey guys! I'm pretty sure I'm doing something stupid here But I'm getting a 404 when frontend is trying to reach the auth endpoint http://localhost:3000/auth/authorisationurl?thirdPartyId=google I have configured apiBasePath as

/auth

Anything I can check?

(emailpassword & session - react - python-flask) email verification failing

I have an odd scenario: On local a successful signup will assign

sIRTFrontend

sFrontToken

sIdRefreshToken

and

sAccessToken

cookies and store them on the browser. On prod a successful signup will only assign

sIRTFrontend

and

sFrontToken

In both cases the user is added to the db under the correct (emailpassword) recipe. If I navigate to

/auth

on prod, I'm still redirected to

/

, so the

EmailPasswordAuth

component is still detecting some sort of logged in session but the cookies are not present or working in the browser cookies nor being transferred with the request credentials. This all works on local. I cannot for the life of me, figure out why the local implementation would be different?

hey guys

i was wondering if there was a way to add stuff to to a users details using django serializers and all

e.g when an uber ride is done, a command adds a value of 1 to the driver’s jobs_completed field

using django’s rest framework http requests serializers and all

User metadata

Hi, I can’t figure out why Supertokens.doesSessionExists returns false in my react-native implementation. What is the condition for it to be true ? Is there something I must save in my localStorage ?

more of a design question, but is there some standard way of making supertokens-react work with something like react-query? react-query provides a useQuery hook which fetches data from the backend on first render. however, if the session is still loading, this will fail, but returning null if the session is loading is not an option either, since react does not allow conditional hooks (returning before useQuery is not allowed).

useQuery with session loading

Hello, I want to setup Super Tokens Core on my machine for R&D purposes. I follow the step in the docs to setup without docker but I ended up with an error "ERR_CONNECTION_REFUSED" on Chrome, I setup mysql and I have 2 lines in the key_value table. But when I try with Docker I get the Hello from the /hello route. Any ideas ? I tested with WSL2

Connection refused error

Hi, I am wondering if it is possible to programatically create magic urls and send them out via SMS instead of requiring the user to input the number first?

magic link customisation

Hey, I realized the auth cookie isn't sent on mobile browser (tested on ios Chrome & Safari) so I get

refreshSession: UNAUTHORISED because idRefreshToken from cookies is undefined

is there any workaround? i'm working on a responsive PWA with nestjs + graphql + React

How do the

supertokens-node

verifySession

and

Session.getSession

functions behave in case the session is expired? Do they check this? or will they return `null`/`undefined` in such an scenario?