I am trying to implement Supetoken for passwordless and social login in Own custom UI in React and express Web App. And i am stuck with the same issue from past 3 days https://supertokens.com/docs/thirdpartypasswordless/custom-ui/securing-routes seems like its a bug in documentation. My Concern : in the above pic it is mentioned that we can use this function to protect our route. But it still expose UI of my private Route for some micro Second until the UseEffect donw its work. My Expectation: There should be a Method in which we can validate User session without using middleware. The method which are available https://supertokens.com/docs/thirdpartypasswordless/common-customizations/sessions/protecting-frontend-routes Eg. import { SuperTokensWrapper } from "supertokens-auth-react"; import { SessionAuth } from "supertokens-auth-react/recipe/session" are not working with my thirdpartypasswordless method explained in Documentation in Documentation all the module are getting imported from supertokens-web-js path but as you can see above its importing from supertokens-auth-react. So it giving error in UI Note; Please help me out if someone has implemented this https://supertokens.com/docs/thirdpartypasswordless/custom-ui/securing-routes in its React and Express app. Otherwise my company will fire me 🔥 😢 😭

Problems with refreshtoken cookie path in nextjs13 server side rendering I am using nextjs13 SSR and a fastapi backend. When I render something in server in nextjs I send the accestoken and everything works fine. When my accestoken is expired I call my refresh endpoint. The problem is that I don't have the refreshToken cookie because is only for /myrefreshendpoint. How can I fix it? Is any way to make this cookie available for all paths? Is that secure? Thanks for reading!

Hey, I'm getting a 404 on password reset backend route

Cannot POST /auth/user/password/reset/token

Anything special I could have forgotten ?

hi, we installed sentry to supertokens node backend to figure out issues some users are having about google login and capture some errors happening. looks like google apis are failing and it is happening quite often. can someone tell why this is happening?

Hi 👋 I have some concerns using

SuperTokens

with a

NestJS

app. 😦 Currently

SuperTokens

sdk is used as a

middleware

. This is also described in the

NestJS

integration documentation of

SuperTokens

. However here is how

NestJS

request-response cycle works.

request -> middleware -> guard -> interceptor (before) -> pipe -> controller -> service -> controller -> interceptor (after) -> filter (if applicable) -> response

With

SuperTokens

middleware it will work for configured

SuperTokens

routes just like below.

request -> middleware -> response

With that, some important aspects of the application might lose. 1. No

guards

called.

Guards

can be used to restrict ip address, or restrict geolocation. There will be no restrictions for

SuperTokens

routes. 2. No

interceptors

called.

Interceptors

can be used for metrics, all kind of analysis and logs. There will be no analysis about what

Supertokens

routes called with what frequency, in what times and many more. To give an example, commonly used middlewares in

NestJS

are

cors()

and

helmet()

middlewares. They do not early terminate request so

interceptors

,

guards

and other

middlewares

also run. So, current

NestJS

integration with

middlewares

does not seem right to me. What do you think about the concerns? Are there any plans to enhance

NestJS

integration?

Hey, is there any workaround for 2fa to have redirect url? This seems like a blocker. If you want to redirect users to different apps after login, how can you achieve that?

do you have any plans for adding a SDK for dotnet/C#? Considered it's usage percentage, I think it would be ideal. 🙂

I am looking at implementing a custom email delivery method in python as per the documentation: https://supertokens.com/docs/thirdpartyemailpassword/email-delivery/custom-method However, I'm unclear on what template_vars and user_context contain and how I would use them in the html I want to send in the emails. Am I missing some of the documentation? I'm looking to do this for custom_email_delivery and custom_emailverification_delivery so looking how to pass the to_email, password reset link and email verification url. I'll be using the SendGridAPIClient to send the emails. Thanks, Sean

Hey, How can i handle the session verification with supertokens if my App (React) is in offline mode?

Hi, I'm having an issue with React where login status is successful but the Session.doesSessionExist returns false. I'm ussing cookie headers. In one of my other apps with different supertokens core backend, it works. On my new one, it doesn't work. I notice a difference that one of them have an IdToken (works) and my second app that doesn't have IdToken in signin response - doesn't work. Is this a bug??