Post user login

Hi, What is the best way to achive a "stay logged in" for a long time? I dont want the users of my mobile app to login again event if they hadn't used the app for some weeks

Thanks so much, it is working now but, is there any way to handle it directly from Backend? I mean, if I detect that the session is expired on Backend, is there anyway to refresh it directly from there, instead of responding with "try refresh token" message to Frontend and getting request on auth/session/refresh? I know it is conceptually different from what SuperTokens is for, but I am trying to handle something else with described scenario.

Let's say I have two customers, C1 and C2, and we provide some integrations infrastructure to them where Auth is powered by Supertokens (self-hosted for development purposes). Both customers have a common user, U1. If the user signs in to their products P1 and P2 using google, supertokens will assume that it is the same user as

third_party_user_id

is the same but will create two

sessions

. This might lead to some issues in the future as we will be using user_id for lots of other stuff. 1. Is there any way to consider them as separate users? 2. Should we use separate supertokens instance (cloud or local) for each customer? I guess, you will have something internally to manage multiple clients on the supertokens cloud.

What's wrong with this configuration that it will throw exception

appInfo: {
      appName: 'myapp',
      apiDomain: 'http://api:3000',
      websiteDomain: 'http://localhost:4200',
      apiBasePath: '/v1/auth',
      websiteBasePath: '/auth'
    },

Exception:

{
  err: Error: Please make sure that the apiDomain and websiteDomain have correct values
  ...
}

If SuperTokens Core is being hosted locally, is there a way to enforce that calls to it can only come from

localhost

? (That is, only the local web app can make calls to it and no one else.) I know we have the API keys. But theoretically, enforcing that only

localhost

is allowed would add additional safety, right? 🤔

Hi there! Here's the issue I'm facing. I'm at the step where I've deployed FastAPI to an AWS Lambda function via Mangum, with Supertokens successfully running (returns hello from /hello), the Lambda function accessing the API database, and the frontend accessing the API. All of these are tested. Unfortunately, I get a cryptic error in the post-signup handler:

response = await api_implementation.sign_up_post(
  File \"/var/task/app/users/utils.py\", line 93, in sign_up_post
    response = await original_sign_up_post(form_fields, api_options, user_context)
  File \"/var/lang/lib/python3.9/site-packages/supertokens_python/recipe/emailpassword/api/implementation.py\", line 199, in sign_up_post
    result = await api_options.recipe_implementation.sign_up(
  File \"/var/lang/lib/python3.9/site-packages/supertokens_python/recipe/emailpassword/recipe_implementation.py\", line 123, in sign_up
    response = await self.querier.send_post_request(
  File \"/var/lang/lib/python3.9/site-packages/supertokens_python/querier.py\", line 167, in send_post_request
    return await self.__send_request_helper(path, \"POST\", f, len(self.__hosts))
  File \"/var/lang/lib/python3.9/site-packages/supertokens_python/querier.py\", line 246, in __send_request_helper
    raise_general_exception(e)
  File \"/var/lang/lib/python3.9/site-packages/supertokens_python/exceptions.py\", line 25, in raise_general_exception
    raise GeneralError(msg) from None
supertokens_python.exceptions.GeneralError

Now, I've tried running the same FastAPI locally (sans Lambda), passing the same Supertokens instance and same API database in production (just the API running locally in uvicorn). I was able to successfully create a new user! Then, I was able to successfully sign in as that user via the frontend hitting the Lambda API 🤯 This tells me that the Lambda function does have access to the Supertokens deployment for signin functions, but mysteriously fails for signup.

@rp can the metadata be modified from frontend. I want to set account id in the metadata from the backend sdk and do not want to the frontend clients modify that. How can I do that.

Hello, im learning about supertokens and i have doubts about event propagation, does the core support send events like user-created or user-updated into a message broker or do i need to overwrite those endpoints to make by my own?

Hi, I am implementing supertokens in python fastapi. Now I am at the point where I am trying to deploy it to AWS lambda by wrapping my app around Mangum. However, I keep getting this error "RuntimeError: There is no current event loop in thread 'MainThread'". My app works fine locally, and I have dockerized it. I see that there is a section for AWS lambda in the docs but it is only for node. I also noticed that there is a framework called "awsLambda" in that example. But there isn't an option for the supertokens_python library. Is this not supported?

Hi I am implementing supertokens in

Event hooks and actions

Hi, I tried running supertokens (the binary) in aws lambda and it doesn't seem to work. What I did was I downloaded the supertokens-postgresql binary, dockerize it by copying the binary over to the docker image and installing it there. I tried to "docker ps" into it and ran "supertokens start" and it worked. However, when I deploy the image to AWS lambda it fails to run everytime. Hence, I set the erro flag in config.yaml to "null" so that the error would show in std-in, and what I found was always a java exception, something related to read-only file system. I suspect this is because aws lambda has the entire file system as read-only, except for /tmp. But Supertokens is trying to write to /usr/lib/supertoken/webserver-temp. Any idea about this? I essentially tried to run "supertokens start" when the lambda function is triggered but failed to do so.

Hi, im trying to implement supertokens as microservice by esm, but i get this. What is a problem?

Hi, how do I redirect my page to login page in a backend route protected by verify_session. I am using Flask and Plain JS frontend. So if a user navigates to domain.com/account , if session is not valid, I'd want to redirect to /login . Right now, I just get a "{"message":"unauthorised"}" with 401 response.

hey, quick question.

Stopping SuperTokens...
2022-09-21T13:56:00.000 [info] What caused the crash: Driver org.postgresql.Driver claims to not accept jdbcUrl, jdbc:postgres://darisini-staging-db-1.internal:5432/supertokens?allowPublicKeyRetrieval=true
2022-09-21T13:56:01.000 [info] Starting clean up.

Hello, we got this weird flow that we wanna signup users and create password for those users from our own dashboard. Problem with using the signUp method

import { signUp } from 'supertokens-web-js/recipe/emailpassword'

is that its sending along the cookies, that logsout initial users and switch to the register one 😉 anyway to avoid the authentication & sending cookies along?

Hi, i have a problem with "No SuperTokens core available to query"

Hi, I got a problem with apple login. Just to clarify my code with apple login works on a one environment with a set of client-id, key-id and client-secret but on another environment with a different set of client-id, key-id and client-secret the same code fails and i try to understand why maybe you will have some info to share. Im using Go as my backend. The sign in with apple id seems to work but when im redirected it fails in the backend on

signinup

api with a panic error of

interface conversion: interface {} is nil, not string

I've attached the logs to the message, they are supertokens logs mix with some of my app. My guess is it could be my configuration is wrong but i dont see any problem with it.

quick, question. Is it easy to switch between recipe on production?

for example I am on ThirdPartyPassword less

I want to switch off email login for now

I am currently evaluating if supertokens is the right tool for me. I want to support one account to be used by multiple different apps. (from different domains) I think the way to go about this would be to have all the frontends connect to one single backend. Is this the correct way to go about this? If so, what do I place as the appName and websiteDomain in the appInfo object on my backend?

Is there a way to import a csv? I already have some users in a csv file but currently I can't find a way to migrate it to a production database

Hello everyone im trying to implement Authentication/Authorization flow in Nest.js but wihtou success, Has anyone been able to integrate them?

With nestjs

I tried setting some data using merge access token payload on the backend and then useSessionContxt to get the payload on the frontend. I am able to set the data properly on the backend but when I try to get it on the frontend it is always an empty object {}. Any idea why?

what's a good way to check all avaliable routes in

auth

middleware I am currently deploying supertokens, on fly.io . it works on my local machine. Broken on deployed

{
2022-09-23T04:01:03Z app[1a7515c8] sin [info]  framework: 'awsLambda',
2022-09-23T04:01:03Z app[1a7515c8] sin [info]  isInServerlessEnv: true,
2022-09-23T04:01:03Z app[1a7515c8] sin [info]  appInfo: {
2022-09-23T04:01:03Z app[1a7515c8] sin [info]    apiDomain: 'https://staging.darisini.com',
2022-09-23T04:01:03Z app[1a7515c8] sin [info]    websiteDomain: 'https://staging.darisini.com',
2022-09-23T04:01:03Z app[1a7515c8] sin [info]    appName: 'Darisini',
2022-09-23T04:01:03Z app[1a7515c8] sin [info]    apiGatewayPath: '/.redwood/functions',
2022-09-23T04:01:03Z app[1a7515c8] sin [info]    websiteBasePath: '/auth',
2022-09-23T04:01:03Z app[1a7515c8] sin [info]    apiBasePath: '/auth'
2022-09-23T04:01:03Z app[1a7515c8] sin [info]  },
2022-09-23T04:01:03Z app[1a7515c8] sin [info]  supertokens: {
2022-09-23T04:01:03Z app[1a7515c8] sin [info]    connectionURI: 'https://darisini-supertokens-staging.fly.dev',
2022-09-23T04:01:03Z app[1a7515c8] sin [info]    apiKey: 'Z8bhDE4EmCrmU2auutPbLw2wMiFyPJpoFqQ2ZK9VLMUdY7ZzvzaF6FTBG4FKC76A'
2022-09-23T04:01:03Z app[1a7515c8] sin [info]  },
2022-09-23T04:01:03Z app[1a7515c8] sin [info]  recipeList: [ [Function (anonymous)], [Function (anonymous)] ]

```

Access token paylod update issue

Is there a way to prevent refresh on login? I am using react so I dont want the page to refresh, just redirect