Is there any chance a function could be added that returns the session found on the server instead of (or in addition to) adding it to the

request

object? (Talking about

Node.js

here.) I'm playing around with

Svelte Kit

. And it seems like they don't give us access to any data tacked onto the request object. I'm trying to figure out if there's a more functional way to get the session instead. 🤔

What is the difference between overriding an api vs overriding a function? For example consumeCode as a function vs consumeCodePost as an api? What are the intended use cases for each option?

Hi all, we've been evaluating Supertokens as well, we were researching the flow and session management and had a question around session extension. Are there accommodations for usage-based session extension, for example, from a public machine? We have a heavy use case on public machines, our existing system uses a 'short-medium term lived access token whose usage extends their expiry' type of session management. Additionally, we have a mobile use case (and additional cases in the future) that fits perfectly with the 'suggested flow' (which is why we're evaluating Supertokens in the first place). We'd like to utilize the suggested Supertokens flow, but with the ability to extend a short-term session based on usage. We were wondering if this was a use case and if there were recommendations around this type of behavior

I am developing chrome extension using supertokens I am validating user logged in or not using aAccessToken which are in website cookies but when I get the 401 then I am trying using sRefreshToken but I am getting 401 for that as well although it is valid.How can I solve? This is the curl curl 'https://test-api.paperguide.ai/auth/session/refresh' \ -X 'POST' \ -H 'accept: application/json, text/plain, */*' \ -H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8' \ -H 'authorization: Bearer "c/qMoWsRTj8kLHaXFXpgaI3qdxjTRZFzKm3vE5csc98g4935GpyG11ypg0P8m6UreXv7p0s5nZuaZj8RD2AxnkoI7H6kxuB3umWBJZu1fU75Kd/JHJfhWjzDhf9YMk4PrseQQ1%2BjacQhOIkHF%2BYdqek8nwY9eOEHHrj84wFmB2jO2%2BDJO367o8xHsbk%2BCVVXa60w0bMaYq4lCEWzPxCz%2BVsJcQ7v0hlN6wZ2AS4RGJ9sRviSJVz%2B1ziaYIvG0R8FWNBujV5G%2BhvYh4jkFqmpQ9pItTj8DmtNfCJfF0NTZDG%2B3B8GepNxcCMr%2BST1ka4ysiEDO0kEgT9Q1OaMbOdJ0GDz1krISf3FjjvyZ%2BnLN/FrTvWOBTQE2gqtDuFAxwRIatVBuYBEAB7HM9De.9a6cd961329546b23617792476960a90f205ed1d3c89eee69548953b1127b463.V2"' \ -H 'content-length: 0' \ -H 'content-type: application/x-www-form-urlencoded' \ -H 'origin: https://www.plasmo.com' \ -H 'priority: u=1, i' \ -H 'referer: https://www.plasmo.com/' \ -H 'sec-ch-ua: "Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"' \ -H 'sec-ch-ua-mobile: ?0' \ -H 'sec-ch-ua-platform: "Linux"' \ -H 'sec-fetch-dest: empty' \ -H 'sec-fetch-mode: cors' \ -H 'sec-fetch-site: cross-site' \ -H 'user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36'

I have a general question. How high of a priority is MongoDB login? It’s been quite a while since I’ve seen any updates so I thought I might just ask here.

Hi, has anyone tried using SuperTokens with HTMX? If so, do you have any guidance or advice?

Hi, I am using FastAPI with supertokens. And would like to store users in my own DB. I am using Email passwordless social recipe and would like to capture the event when the user signs in so that I can check if I have the corresponding user in my database and if not create one. Can anyone point me to the relevant docs please. Thanks.

Hi there! I'm planning to launch my app before the end of the month and I'm trying to implement a referral system, where new users can sign up only with an invitation code. My app is using the ThirdPartyPasswordless recipe, and contrary to the EmailPassword recipe, there's no Sign Up flow on which I can add another required field when signing up. As of now, I'm creating manually new users for my beta testers, and I'm denying signup if I can't find any matching email/phone in a

createCodePOST

API function override. I was thinking about exposing a route on my application to validate an invite code, in which the route would create a new user on Supertokens, hence enabling this email to sign in. However, in that setup, there's no way to verify the provided email authenticity, except if I implement email validation on my own, which isn't something I want to do. Can you think of other ways to implement that? Is that something that could be integrated within my Supertokens setup or should I think about this being outside of Supertokens' scope? I understand this is a kind of specific use case, and might not even be related to Supertokens, but still I'd love to hear your input on this 🙂

Hey! I have written an api to return an session using the received cookie. Took reference from here: https://supertokens.com/docs/passwordless/nextjs/app-directory/session-helpers

We are experiencing high latency while calling createCode and consumeUser? Together they are consuming around 28s.