603466164219281420 #support-questions

@User we have fixed the sharing of session across subdomains for browsers like Safari. But it will only work if they are all talking to the same API. If they are talking to different APIs, it's not treated as the same session, and the user will need to login separately into the other sub domain. You may want to have a look at the new-releases channel.

ankitjey

05/03/2021, 2:55 PM

@User How should one type check the session middleware, the req object doesn't have session type in it

ankitjey

05/03/2021, 2:56 PM

Making it any will obviously work, but does supertokens expose a type ?

gusfune

05/03/2021, 2:57 PM

Thanks a lot! We need to figure out the api issue as we have scoped those api's also to the same subdomain. Is there any way around it that we could do?

user

05/03/2021, 3:16 PM

@User awesome, Rishabh! 💪 looking very good. looking at the

user

Lambda function.

Copy code

app.get("/user", Session.verifySession(), async (req, res) => {
    let session = req.session;
    res.send({
        sessionHandle: session.getHandle(),
        userId: session.getUserId(),
        jwtPayload: session.getJWTPayload()
    });
});

where the business logic is intended to go - before or after the

res.send

05/03/2021, 3:43 PM

@User before.

res.send

sends a response to the client. Also, this is an example API that does session verification. You don't actually need this API.

05/03/2021, 6:39 PM

@User You can type the req object in the following way:

Copy code

import { SessionContainer } from "supertokens-node/recipe/session";
import { Response, Request } from "express";

app.post("...", Session.verifySession(), (req: Request & {session: SessionContainer} , res: Response) => {
    let session = req.session;
})

user

05/04/2021, 7:25 AM

why is then the session verification part of the example? 🤔 another thing - the docs say that every regular function should include

supertokens.init(getBackendConfig());

at the top so the caller could be auth-ed. but does every regular function also has to be wrapped in Express? and have the CORS part?

05/04/2021, 7:27 AM

> why is then the session verification part of the example? Just to show how one could do session verification in a lambda function. > but does every regular function also has to be wrapped in Express? and have the CORS part? If you are using supertokens in that function, then yes.

05/04/2021, 7:28 AM

You could create a wrapper function that does the whole express + CORS + init thing, and allows you to define just your functions. And then use that in all your lambda functions - this way you won't have to keep repeating the boilerplate code.

user

05/04/2021, 7:30 AM

exactly, that would be ideal.

user

05/04/2021, 7:32 AM

@rp btw, why one would not want to do a sesh verification in a Lambda?

05/04/2021, 7:32 AM

cause maybe the lambda function requires to know which user is logged in

05/04/2021, 7:33 AM

Or it requires that it be called only if a user is logged in

brian.tanseng

05/05/2021, 3:56 AM

hi everybody! I'm new here. I stumbled upon this project because of a project requirement. Though in our project, the username is a mobile number (not email) Question: Is this something supertokens can support? Thanks! Loving the project.

05/05/2021, 5:06 AM

Hey @brian.tanseng do you mean mobile and password? Or mobile an OTP based login?

brian.tanseng

05/05/2021, 5:56 AM

Both use cases: 1. mobile and password, 2. mobile and OTP

05/05/2021, 5:58 AM

got it. At the moment, we don't have either. But sure to plan on making them. How would the UI look like? the user enters their mobile, and then clicks next, and you show either an enter password or enter OTP field?

deltasoneca

05/05/2021, 1:17 PM

Hi, I am implementing signup with Github, which apparently is working fine (it shows Github's identity modal and return to my application authorized), but it is not triggering my

handlePostSignUp

. I am handling the sign up event in the backend, following this doc: https://supertokens.io/docs/thirdpartyemailpassword/common-customizations/handling-signup-success#3-handling-sign-up-event-on-the-backend The

handlePostSignUp

is working fine for email+password signups btw, but it is not even being triggered when using Github to sign up. Any ideas what's wrong?

05/05/2021, 1:18 PM

Which version of the frontend SDK are you using?

05/05/2021, 1:19 PM

and backend SDK version as well.

deltasoneca

05/05/2021, 1:20 PM

Copy code

"supertokens-auth-react": "^0.8.0",
"supertokens-node": "^4.2.0"

05/05/2021, 1:21 PM

And the backend

handlePostSignUp

is not being called right?

deltasoneca

05/05/2021, 1:21 PM

Right, but only when I try to sign up with Github. When I sign up with email+password is working fine.

05/05/2021, 1:21 PM

Alright. Let me check

05/05/2021, 1:28 PM

@User It does seem to be working on the demo site. One point to keep in mind is that if you are using social login with an already existing user, and you use it with the sign up tab, it will actually sign in, and call the

handlePostSignIn

method: https://supertokens.io/docs/thirdpartyemailpassword/common-customizations/handling-signin-success#handlepostsignin