Hello. If I create a instance of axios, supertoken is not detecting session cookies. I am using supertokens-web-js in nuxt.js 2 // Here is my code plugins/axios-cache-setup.js

import axios from 'axios'
import { setupCache } from 'axios-cache-interceptor/dev'

export default function ({ $config }, inject) {
  // Create axios instance
  const axiosInstance = axios.create({
    baseURL: $config.baseURL, 
  })
   // Set up caching
  // Set axios instance to Nuxt context
  const axiosWithCache = setupCache(axiosInstance, {
    methods: ['get', 'post'],
    debug: console.log,
  })

  inject('axiosCache', axiosWithCache)
}

Hi, I'm facing a problem with the

st-auth-mode

request header. First, I do a signup request (using the email password recipe) where I set the header

st-auth-mode: cookie

. I then get a response with

Set-Cookie

headers for the access token and refresh token. This is as expected. Next, I do a signup request where I don't set the

st-auth-mode

header. I then get a response with both

Set-Cookie

headers and

st-access-token

and

st-refresh-token

headers. I do not expect to get the

Set-Cookie

headers. I do a signup request one more time, again without setting the

st-auth-mode

header. This time only the

st-access-token

and

st-refresh-token

headers are set. This is as expected. All signup requests I do afterwards without the

st-access-token

header give the same proper result. The second request should not have returned the

Set-Cookie

headers. Is this a known issue or am I doing something wrong?

I have both an electron app and a web app that do different things. When I sign in through the Electron app, the Electron app starts showing the webapp. Where can I change this? So that Electron just goes to its own main renderer.tsx file. I found this: https://supertokens.com/docs/thirdpartypasswordless/pre-built-ui/auth-redirection But not sure how I can differentiate web/Electron.

Hello, I am having issue with API /signinup, it is being called twice, already looked at other discussions in here but I still don't know how to prevent I am using SuperTokens Core (Managed) v7.0, front-end I am using React with "supertokens-auth-react": "0.31.5", back-end is ExpressJS with "supertokens-node": "13.6.0"

Hi, I'm using multi tenants and wanted to share the session accros sub domains. So i referred here; https://supertokens.com/docs/emailpassword/common-customizations/sessions/share-sessions-across-sub-domains But the example there uses the prebuilt UI (

supertokens-auth-react

), and i'm using my custom UI (

supertokens-web-js

) How can i accomplish sharing session across domains with the custom UI? Thank you

Hi, I would appreciate some help with getting session authorization to work with a second api. I have NextJS 14 setup with app router and a backend api with Express. Server sided components are getting 'unauthorised' responses from the Express api.

ERROR [ExceptionsHandler] Received response with status 401 and body

I have supertokens core behind nginx reverse proxy. I'm forwarding these headers: proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; I get "hello" only if i remove the Host header. So I'm wondering how to bind the core instance with the A/AAAA assigned record. In the attached docs I found SUPERTOKENS_HOST but it doesnt seem to have effect on the reverse proxy, still getting HTTP Status 400 – Bad Request when forwarding the host. this is my config.yaml core_config_version: 0 host: "0.0.0.0" supertokens_host: "https://supertokens.example.com"

getting this error in the console on the client side Access to fetch at 'https://api-development.bitcoinerfreelance.com/auth/session/refresh' from origin 'https://development.bitcoinerfreelance.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled. Here is my Cors implementation on the back end app.use( cors({ origin: websiteDomain, allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()], methods: ["GET", "PUT", "POST", "DELETE"], credentials: true, }) ); and my Supertokens init supertokens.init({ framework: "express", supertokens: { // TODO AARON - in production need to swap this with the connection for supertokens connectionURI: configData.superTokens.connectionURI, apiKey: configData.superTokens.apiKey, }, appInfo: { appName: "Bitcoiner Freelance", apiDomain: apiDomain, websiteDomain: websiteDomain, apiBasePath: "/auth", websiteBasePath: "/auth", },

I want to create a new user context that includes a request in golang, how can i do that?