Hey, I'm trying to setup Apollo graphql + Nest.js by following the guide, and I manage to get the session info on a controller using the Auth guard and Session param decorator (from the guide) but not on a resolver. I tried (with inspiration from the graphql integration guide) to use a CanActivate guard and access the session with

GqlExecutionContext.create(context)

and also tried injecting the session param to the resolver with

export const User = createParamDecorator(
  (data: unknown, ctx: ExecutionContext) => {
    const x = GqlExecutionContext.create(ctx);
    const context = x.getContext();
    return context.session;
  },
);

with no success and couldn't find any code example that combines graphql + nest

Cookie session don't seem to work for iOS 15 when API is on subdomain. As you can see the signin works and responds with the cookie but the immediate refresh token requests simply fails

I'm building a simple application. At its current state, it seems fine to have my Remix SSR app, the PostgreSQL DB it uses, and SuperTokens on the same server. No Docker. Is it fine to just use a single API Key for SuperTokens in this case? Is it recommended to generate API keys? Is there a maximum character length for these keys?

For passwordless recipe implementation using web-js-sdk It's not clear from the docs which fn should I use. There are multiple fn is SDK reference. So I'm just guessing from the fn names that probably these are all the steps/code I need to have for authentication 1. Create passwordless code -

superTokensPasswordless.createCode({ email: "john@example.org" })

2. Now either they will type in the code in a form I provide or they will visit the email link. If they visit the link, I will get their code like this

const userInputCode = superTokensPasswordless.getLinkCodeFromURL()

3. Then I will verify the code -

superTokensPasswordless.consumeCode({ userInputCode: "8465AWETA" }).then((res) => { if(res.createdUser){ console.log(JSON.stringify(res.user))} })

Session should be automatically set now Am I missing anything?

Hey guys, what is the reason that Apple has a redirect to

/api/auth/callback/apple

and the others to

/auth/callback/google

for example? (notice the

/api

)

Hi there, can Supertokens work with Nextjs and Strapi?

Hey guys, trying the new passwordless login getting this

service: new STMPService({
                 ^

TypeError: STMPService is not a constructor `

This is kind of my situation too... Isn't the point of SSO to be able to login to multiple websites that have different domains? What exactly is ory hydra able to do that supertokens cannot? I have 3 sister websites with different domains. I'm looking to migrate part of their DBs to supertokens or ory in order to have SSO between them. But I still need to have it so that people have to actually register on each site to activate their profiles. Tho it should detect their username/email address when they've already signed up for one of the other sites.

For this question let's say I have two microservices A and B. I have two scenarios: API Gateway: A and B do not have to worry whether the user is logged in or not. The API Gateway is the single source of truth for them any request that passes through gateway is assumed to be authenticated and authorised. How should I implement supertokens in this case. A and B wants the requests to be authenticated: If A and B are to do session verification independently and If I use supertokens SDK in both of them won't the SDK expose its endpoint in both the application? And suppose I grew to 5 microservices then will I have to add boilerplate code of SDK in all 5 of them?

SuperTokens integration error in React JS project