Hey, i have a auth web set up with react and i want to redirect upon successful sign in to a different url (my app) The auth web and the app web are in the same subdomain so i have like for example https://auth.my.subdomain.com and https://app.my.subdomain.com I tried using getRedirectionURL

getRedirectionURL: async (context) => {
                if (context.action === "SUCCESS") {
                    let redirectUrl = context.redirectToPath

                    if (redirectUrl !== undefined) {
                        console.log("yoo redirected path");
                        console.log(redirectUrl)
                        // we are navigating back to where the user was before they authenticated
                        return redirectUrl
                    }
                }
                return undefined;
            },

I call the sign in with redirectToPath in the url like so https://auth.my.subdomain.com/auth?redirectToPath=https://www.app.my.subdomain.com and i get that the context.redirectToPath is empty and it just redirects me to the home page of my auth web instead to my web app. When i tried setting the web app url hardcoded in the return of getRedirectionURL it works like a charm and redirected me to the web app. Any idea if this is possible? or only paths are allowed to be redirected to? (Thanks for the help so far you have given me)

I am setting up something wrong with supertoken and I have no clue how to fix this? Does anybody have a clue? My first error in the console.log is this in the attached image.

Solved on my own 🥳 Hi there! I'm working with the

supertokens-node

SDK and a Fastify Mercurius GraphQL server. Having issues getting our context setup and would love some help. I'm using a request from Postman that has the correct

st-access-token

header set, and have my context setup exactly how recommended in the docs. However, the session always returns undefined https://supertokens.com/docs/thirdpartypasswordless/graphql-integration/backend-setup Sorry for not much initial information... lemme know what's helpful and happy to provide anything I can :)

I just posted to production. Been developing localhost with nextjs. When in production I'm getting this error:

has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.

I'm wondering if it has something to do with

NextCors

middleware? Any ideas?

Just wanted to confirm somthing. I see supertokens has CSRF built in by default. I personally use this with my Next.JS (app dir) application and external Express.JS API. Both share the same connection uri. I am essentially then allowing users to configure stuff on a dashboard (via the Next.JS application), which typically calls the built in Next.JS API, which then may call my external API. Basically, I am wondering if my external Express.JS API would also be protected from CSRF attacks by default, assuming configs are correct.

Hi @rp_st Looks like the front end module of supertokens tries to call the core in a loop, it's making many calls per seconds without an end.

getting this error in the console on the client side Access to fetch at 'https://api-development.bitcoinerfreelance.com/auth/session/refresh' from origin 'https://development.bitcoinerfreelance.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled. Here is my Cors implementation on the back end app.use( cors({ origin: websiteDomain, allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()], methods: ["GET", "PUT", "POST", "DELETE"], credentials: true, }) ); and my Supertokens init supertokens.init({ framework: "express", supertokens: { // TODO AARON - in production need to swap this with the connection for supertokens connectionURI: configData.superTokens.connectionURI, apiKey: configData.superTokens.apiKey, }, appInfo: { appName: "Bitcoiner Freelance", apiDomain: apiDomain, websiteDomain: websiteDomain, apiBasePath: "/auth", websiteBasePath: "/auth", },

Hey! , i am trying to add the forgot-password functionality to my app , i was able to get it to send the mail but currently it sends it using the supertokens email, i want to configure it to use my mail I have added the below lines to supertokens init

emailDelivery: {
                    override: (originalImplementation) => {
                        return {
                            ...originalImplementation,
                            service: new EmailVerificationSMTPService({
                                smtpSettings,
                            }),
                            sendEmail: async function (input) {
                                if (input.type === 'PASSWORD_RESET') {
                                    // You can change the path, domain of the reset password link,
                                    // or even deep link it to your mobile app
...

Hello, I am planning to use SuperTokens as a self-hosted auth service. I have successfully done the docker setup connected with the DB, but I am wondering for the back-end, I see there are libraries for Node, GoLang, and python, but is there a library for Rust? If not, how can I make Rust be able to communicate with SuperTokens?

Hi! I'm having an issue when i try to sign up with a thirdparty provider. -> Issue: I'm getting a FIELD_ERROR Request failed with status code 401 when I try to sign up with a Google account. What's strange is that I already managed to sign up and sign in using an other Google account. -> Frontend SDK used: supertokens-website, v10.0.8) -> Backend SDK used: supertokens-node, v9.2.1 -> Debug logs from the backend SDK (the message with log is too long for Discord so I removed the time of the request):

{message: "middleware: requestRID is: thirdpartyemailpassword", file: "node_modules/supertokens-node/lib/build/supertokens.js:172:26" sdkVer: "9.1.2"}
{message: "middleware: Checking recipe ID for match: thirdpartyemailpassword", file: "node_modules/supertokens-node/lib/build/supertokens.js:181:34" sdkVer: "9.1.2"}
 {message: "middleware: Matched with recipe ID: thirdpartyemailpassword", file: "node_modules/supertokens-node/lib/build/supertokens.js:194:30" sdkVer: "9.1.2"}
{message: "middleware: Request being handled by recipe. ID is: /signinup", file: "node_modules/supertokens-node/lib/build/supertokens.js:206:30" sdkVer: "9.1.2"}
{message: "middleware: Started", file: "node_modules/supertokens-node/lib/build/supertokens.js:158:26" sdkVer: "9.1.2"}
{message: "middleware: requestRID is: anti-csrf", file: "node_modules/supertokens-node/lib/build/supertokens.js:172:26" sdkVer: "9.1.2"}
{message: "middleware: Checking recipe ID for match: thirdpartyemailpassword", file: "node_modules/supertokens-node/lib/build/supertokens.js:220:34" sdkVer: "9.1.2"}
{message: "middleware: Request being handled by recipe. ID is: /authorisationurl", file: "node_modules/supertokens-node/lib/build/supertokens.js:225:38" sdkVer: "9.1.2"}
{message: "Sending response to client with status code: 200", file: "node_modules/supertokens-node/lib/build/utils.js:90:14" sdkVer: "9.1.2"}

response : { status: 'FIELD_ERROR', error: 'Request failed with status code 401' }