https://supertokens.com/
Join Discord
So I am using `FastAPI` and I would believe that the `Middleware` will add the `/auth` endpoints (se...
b

bert2002

about 3 years ago
So I am using
FastAPI
and I would believe that the
Middleware
will add the
/auth
endpoints (set website_base_path) to the fastapi application, but it does not. I dont see any errors though. I tried the example from github, but no success ( https://github.com/supertokens/supertokens-python/blob/master/examples/with-fastapi/with-thirdpartyemailpassword/main.py )
b
r
k
  • 3
  • 42
  • 37
Hello ! 👋 I am evaluating Ory Kratos and Supertokens. It looks like both can fit my needs, but my ...
h

HappyCathode

over 3 years ago
Hello ! 👋 I am evaluating Ory Kratos and Supertokens. It looks like both can fit my needs, but my main concern in with the DB high availability part. I'm planning on deploying my app on a k8s cluster and using Yugabyte for the DB, and it seems Kratos does not support it according to some old github issue they had. I'm rather unimpressed with Ory's idea of high availability, which pretty much boils down to "we have infinite horizontal scaling capabilities as long as the DB follows, and that's not our problem", and then only allow pointing to a single hostname in the DB connection string. Even if I point to an haproxy or SQL proxy, I can't at least point to 2 and have a least one as a fallback. My questions would be : Can Supertokens be configured with multiple PGSQL targets in the connection string ? And before I go down that rabbit hole and test it myself, is anybody using Supertokens with Yugabyte as DB backend in production?
h
r
  • 2
  • 6
  • 37
Hi <@498057949541826571> Somehow the frontend SDK doesn't set interceptors on fetch and doesn't pas...
a

aquamarine2620

about 2 years ago
Hi @rp_st Somehow the frontend SDK doesn't set interceptors on fetch and doesn't pass the session data when making requests. Our core is set at
identity.<domain>.com
and our microservices at
<microservice_name>.<domain>.com
When calling
<microservice_name>.<domain>.com
it return a 401 because we can get the logged in user roles. Also when inspecting the request going out of the browser, no supertokens headers or cookies are being sent
a
r
  • 2
  • 69
  • 36
We've noticed that some of our authentication-related emails are being flagged as spam by GMail (e.g...
g

goodgravy

about 2 years ago
We've noticed that some of our authentication-related emails are being flagged as spam by GMail (e.g. password reset). * We're using our own domain name * We're using Mailgun to send the messages * SPF and DKIM is set up correctly * The GMail message implies the risk factor is the content of the emails itself: "Similar messages were used to steal people's personal information. Avoid clicking links, downloading attachments or replying with personal information" Our next move, therefore, will be to change the content of the message so that it doesn't resemble the default ST template. Was wondering if other people had faced something similar and had success with a different approach?
g
r
  • 2
  • 6
  • 36
I got 405 when signin/up. I am using NextJS and passwordless login. (Phone) I have `pages/api/auth...
y

yujonglee

about 2 years ago
I got 405 when signin/up. I am using NextJS and passwordless login. (Phone) I have
pages/api/auth/[[...path]].tsx
and it's content is same as doc. This is my appInfo
export const appInfo = {
  appName: NAME,
  apiDomain: DOMAIN,
  websiteDomain: DOMAIN,
  apiBasePath: "/api/auth",
  websiteBasePath: "/auth"
}
I can see UI in
<DOMAIN>/auth
, but when I provide phone number and click continue, I got this.
[Error] Failed to load resource: the server responded with a status of 405 (Method Not Allowed) (refresh, line 0) <DOMAIN>/api/auth/session/refresh

[Error] Failed to load resource: the server responded with a status of 405 (Method Not Allowed) (refresh, line 0)
<DOMAIN>/api/auth/session/refresh

[Error] Failed to load resource: the server responded with a status of 405 (Method Not Allowed) (refresh, line 0)
<DOMAIN>/api/auth/session/refresh

[Error] Failed to load resource: the server responded with a status of 405 (Method Not Allowed) (code, line 0)
<DOMAIN>/api/auth/signinup/code
y
r
  • 2
  • 17
  • 36
I guessing that I can authenticate/authorise an API only application, with API authentication keys w...
h

helder.rossa

over 2 years ago
I guessing that I can authenticate/authorise an API only application, with API authentication keys with SuperTokens but I'm not sure how. how can I create a API key to use for API requests to my app? I can create users using /recipe/signup but not sure how to create an access token that does not expire
h
r
+2
  • 4
  • 115
  • 36
When i shift my vue frontend to a public domain, I can not login anymore. I get an log error "WebSoc...
d

derbernd

over 2 years ago
When i shift my vue frontend to a public domain, I can not login anymore. I get an log error "WebSocket connection to ... failed". The logs from the backend are okay. In the dashboard a new token is shown, but the frontend did not recieve this. I use vue behinde Traefik with the cors middleware. Do I have to add more options to Traefik?
d
r
  • 2
  • 17
  • 36
Hi Team, I am attempting to connect Supertokens to my PostgreSQL db running in a Heroku private spac...
t

tykindsir

over 2 years ago
Hi Team, I am attempting to connect Supertokens to my PostgreSQL db running in a Heroku private space. In order to achieve this I need to pass through a client certificate, client key and CA certificate. I have all of these and have tried a multitude of ways to get the connection working through docker but was unable. I have successfully made a connection to a non-secure Postgres db in Heroku, but for production purposes, we are intending to utilise the Private Space. I initially tried to connect with 'Running SuperTokens and PostgreSQL with docker, with docker-compose' but realised that since the database is already running, it makes more sense to utilise 'Running SuperTokens with Docker and PostgreSQL without docker'. The issue I am facing now is I'm not able to pass through the certificates as an environment variable as seemingly only the following are available: POSTGRESQL_CONNECTION_URI POSTGRESQL_USER POSTGRESQL_PASSWORD POSTGRESQL_PASSWORD_FILE POSTGRESQL_CONNECTION_POOL_SIZE POSTGRESQL_HOST POSTGRESQL_PORT POSTGRESQL_DATABASE_NAME POSTGRESQL_TABLE_NAMES_PREFIX POSTGRESQL_TABLE_SCHEMA
t
r
  • 2
  • 5
  • 36
with postman
r

rp_st

over 2 years ago
How can I make Postman send session tokens in requests if the sign-in request is not sending cookies in the response?
r
  • 1
  • 2
  • 36
Hi! Question about redirecting after sign in...
d

dleangen

about 3 years ago
Hi! Question about redirecting after sign in...
d
r
  • 2
  • 7
  • 36
Previous222324Next

SuperTokens.com

SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

Powered by