https://supertokens.com/ logo
Channels
Powered by
#support-questions
  • r

    rp

    03/04/2021, 5:53 AM
    @User , we do allow users to create their own login UI. We call these "themes". We have two types of components - feature components and themes components. Feature components expose various functions to the child component (the theme component). These functions can be used by the theme component to call the API for sign up / sign in / checking if an email exists etc.. So you can create your own theme inside the feature component we expose and build a login UI as per what you want. Is this what you were asking?
  • r

    rp

    03/04/2021, 5:56 AM
    @User the access_token refers to a token we create for session management. It's a JWT that is used to verify an active session for each request. The faunadb token is stored "within" the session and can be accessed after session verification. So in order to revoke a faunadb token, you simply need to revoke the supertokens' session. That would delete the faunadb token from your server / frontend as well. Info about revoking a supertokens session can be found here: https://test.supertokens.io/docs/thirdpartyemailpassword/common-customizations/sessions/revoke-session Also, for the apiKey query that you had, please have a look at https://supertokens.io/docs/community/supertokens-core/saas-setup#connecting-the-backend-sdk-with-supertokens
  • t

    thisjust

    03/04/2021, 9:14 PM
    Can someone provide some guidance re: how to use supertokens for session management only? I'm doing auth with magic.link. I've gotten as far as successfully running 
    Session.createNewSession
    on the backend after using fetch to send my backend the necessary magic.link token, but it's a bit unclear to me which set of supertoken docs apply to me (as someone not using supertokens auth) on the front end.
  • t

    thisjust

    03/04/2021, 9:26 PM
    Once that fetch call returns I call 
    await Session.getJWTPayloadSecurely
    on the front end, but get 
    Error: No session exists
    .
  • t

    thisjust

    03/04/2021, 11:48 PM
    sAccessToken
    and 
    sIDRefreshToken
    cookies are set, but those are the only ones. Executing 
    fetch
    in the console gives me
    Copy code
    ƒ (url, config) {
                return AuthHttpRequest.fetch(url, config);
            }
  • t

    thisjust

    03/04/2021, 11:50 PM
    ... so maybe I'm doing stuff mostly right? My init calls are correct as far as I can tell, but I could be wrong.
  • t

    thisjust

    03/05/2021, 12:56 AM
    I see from an earlier convo: "one more reason why you might be facing the issue, even if the interceptors are being added is cause you may be creating a session as a response to a browser level navigation. This means that the interceptors cannot handle the response to add some of the relevant tokens. If this is the case, you want to make sure to create a session only as a response to an API call from your JS code that runs on the frontend."
  • t

    thisjust

    03/05/2021, 12:59 AM
    Since fetch is getting interceptors (based on the response from typing 
    fetch
    in the console) but only 2 cookies are showing up, then perhaps that above quote is a clue to the issue I'm having ... but I don't quite understand what it's saying. I have 
    Session.createNewSession
    in my serverless function, which gets called as a result of me using 
    fetch
    from the front end. Is that correct?
  • r

    rp

    03/05/2021, 5:29 AM
    Yes. Your setup seems mostly fine @User . Can I please see the init function calls from your frontend and backend code?
  • r

    rp

    03/05/2021, 5:31 AM
    The docs that you should see are: https://supertokens.io/docs/thirdpartyemailpassword/common-customizations/sessions/using-with-faunadb for the backend and https://supertokens.io/docs/thirdpartyemailpassword/quick-setup/frontend for the frontend, excepting steps 3 and 4. And you also don't need to do 
    ThirdpartyEmailPassword.init
    inside the 
    recipeList
    . I'm working on a netlify example, and it should be ready soon. I'll send you a link to that once it's done so you can see how the serverless functions are setup.
  • t

    thisjust

    03/05/2021, 5:55 AM
    Great - I'll check on those docs
  • t

    thisjust

    03/05/2021, 5:56 AM
    Copy code
    SuperTokens.init({
  appInfo: {
      appName,
      apiDomain: "http://localhost:8888",
      websiteDomain: "http://localhost:8888",
      apiBasePath: "/auth"
  },
  recipeList: [
      // Not sure if the `{sessionScope: 'localhost'}`
      // is necessary, didn't see it in the docs
      // But saw it in your convo with Dimitri:
      Session.init({sessionScope: 'localhost'})
  ]
});
  • t

    thisjust

    03/05/2021, 5:57 AM
    Above is frontend
  • t

    thisjust

    03/05/2021, 5:57 AM
    Below is backend
  • t

    thisjust

    03/05/2021, 5:58 AM
    Copy code
    supertokens.init({
  supertokens: {
    apiKey,
    connectionURI,
  },
  appInfo: {
    appName,
    apiDomain: "http://localhost:8888",
    websiteDomain: "http://localhost:8888",
    apiBasePath: "/auth",
  },
  recipeList: [
    Session.init({
      // the supertoken docs say to do this:
      faunadbClient: new faunadb.Client({
        secret: FAUNA_SERVER_KEY,
      }),
      // but there's a convo in the discord history between you and Dimitri
      // that has this instead:
      // faunadbSecret: FAUNA_SERVER_KEY,
      userCollectionName: "User",
      accessFaunadbTokenFromFrontend: true,
    }),
  ],
});
  • t

    thisjust

    03/05/2021, 6:01 AM
    Aside from what you see in the init functions, I haven't done anything with the Quick setup Frontend or Backend since they both specify they specifically are for setting up authentication, whereas I'm using magic link for auth
  • t

    thisjust

    03/05/2021, 6:01 AM
    Those faunadb docs are what I've already been working with
  • r

    rp

    03/05/2021, 6:05 AM
    You don't need to specify sessionScope in the Session.init function call on the frontend.
  • r

    rp

    03/05/2021, 6:05 AM
    Can I see the response headers of the request you send using 
    fetch
    which calls the 
    createNewSession
    function?
  • t

    thisjust

    03/05/2021, 6:06 AM
    Okay, I've removed that param
  • t

    thisjust

    03/05/2021, 6:08 AM
    Is that what you're looking for?
  • r

    rp

    03/05/2021, 6:09 AM
    Yes. But the whole thing please. All the response headers
  • t

    thisjust

    03/05/2021, 6:09 AM
    Sure thing
  • r

    rp

    03/05/2021, 6:10 AM
    - Okay, and what's the request URL for the above - Can you send me a screenshot of the cookies that are set after this call is made?
  • t

    thisjust

    03/05/2021, 6:12 AM
    This is the call I'm making -- so the request URL, I believe, is http://localhost:8888/auth
  • r

    rp

    03/05/2021, 6:12 AM
    okay.
  • t

    thisjust

    03/05/2021, 6:13 AM
    Do you want the entire 
    Value
    ?
  • r

    rp

    03/05/2021, 6:14 AM
    that's odd. You don't have some of the values like 
    sIRTFrontend
    being set. Those are set by the interceptor
  • r

    rp

    03/05/2021, 6:14 AM
    This means that the interceptor is not running during your fetch call
  • r

    rp

    03/05/2021, 6:14 AM
    Have you called the supertokens.init function before doing the fetch call?
1...525354...343Latest