If SuperTokens Core is being hosted locally, is there a way to enforce that calls to it can only come from

localhost

? (That is, only the local web app can make calls to it and no one else.) I know we have the API keys. But theoretically, enforcing that only

localhost

is allowed would add additional safety, right? 🤔

NextJS Session Recipe Documentation

On flutter it is possible to log in with your email/username and password. Then after checking his information, asked for the second authentication factor(example: totp/email/sms)

@rp_st Why does it take time to validate role claim? I signed up a user, added a role got this log

roles.go:94: [Info] Role added to user: &{false} with user_id:702116bc-1a9f-4a1c-b71e-3d74d9c0fce4 role: admin

but i can't call endpoint with role claim validator it eventually works, but i am not sure about the exact time calling this returns role as admin

go
    admin.Get("/auth/role", func(c *fiber.Ctx) error {
        sessionContainer := session.GetSessionFromRequestContext(c.UserContext())

        response, err := userroles.GetRolesForUser("public", sessionContainer.GetUserID(), nil)

        if err != nil {
            log.Errorf("Error getting roles: %v", err)
            return util.ReturnError(c, 500, "Error getting roles")
        }
        return util.ReturnSuccess(c, response.OK.Roles)
    })

Has anyone found that when they're logged in with super tokens and the backend is verifying their ID, that after they move off the frontend tab for a bit and come back, the userId is rendered as null on the backend? But then when the frontend is refreshed, the userId is correctly set again

Hey Hi guys, Actually we are running self-hosted supertokens in docker. W got an issue like initial some days I can find "add user" button in user management dashboard to add users but after some days it is not showing. We have done R&D but didn't find any solution. What was the issue or did I miss any configuration?

https://supertokens.com/docs/thirdpartyemailpassword/common-customizations/sessions/handling-session-expiry Can I use this handler with Next.js 13/14?

Any ETA on bun runtime based sdks for auth? Apparently using supertokens/node shoots random error on Elysia framework

hi, @rp_st We encountered this error when we tried to log in. But we did not make any changes to supertokens that would affect this. why could this be? SuperTokens core threw an error for a request to path: '/public/recipe/signin' with status code: 403 and message: Email password login not enabled for tenant.

Hi guys, the instructions for the docs aren't working on my Macbook M1. Following this: https://supertokens.com/docs/community/versioning I get this error :

ℹ Starting the development server...
Docusaurus website is running at "http://localhost:3000/".
Browserslist: caniuse-lite is outdated. Please run:
npx browserslist@latest --update-db

Why you should do it regularly:
https://github.com/browserslist/browserslist#browsers-data-updating

● Client █████████████████████████ building (10%) 0/5 entries 1/5 dependencies 0/0 modules 0 ac
tive 
 

ℹ ｢wds｣: Project is running at http://0.0.0.0:3000/
ℹ ｢wds｣: webpack output is served from /
ℹ ｢wds｣: Content not from webpack is served from /Users/rs/Documents/Development/docs/v2
ℹ ｢wds｣: 404s will fallback to /index.html
node:internal/crypto/hash:71
  this[kHandle] = new _Hash(algorithm, xofLen);
                  ^

Error: error:0308010C:digital envelope routines::unsupported
    at new Hash (node:internal/crypto/hash:71:19)
    at Object.createHash (node:crypto:133:10)

I ran:

git clone https://github.com/supertokens/docs.git

git checkout 0.9.0

and then

cd v2

and then

npm i -d

and then when trying to run I got the error. Just to let you know 🙂