I'm deploying to vercel and using my own mysql db from another site. Where do I put the config.yaml file?

How to change password's mandatory default requirement(8 characters,...). I want to make it only 4 characters min. and no other mandatory requirement. For now, I can add my new validation using node sdk but not able to change the default validation.

How to change URLWithLinkCode in the frontend part? Here, ia my code. I want to modifie it and send it to user's mail.

Hey, usually the signOut flow just simply worked. I called two supertokens function at the frontend side (Next.js)

typescript
await EmailPasswordReact.signOut();
await EmailPasswordReact.redirectToAuth({ show: "signin" });

And it cleared all my cookies and redirected to the login page. It was pretty much it, but i noticed, that after i added a change password functionality to my site and after i successfully changed my password the EmailPasswordReact.signOut function call didn't cleared my cookies. I had to delete them manually then after a relogging, it worked just as before. I checked my backend(Nest.js) code and it seems fine

typescript
  @Post("/change-password")
  @UseGuards(AuthGuard)
  async changePassword(
    @Session() session: SessionContainer,
    @Body() changePasswordDto: ChangePasswordDto,
    @Res() res: Response
  ) {
    const { currentPassword, newPassword } = changePasswordDto;

    const userId = session.getUserId();
    const userInfo = await EmailPasswordNode.getUserById(userId);

    if (userInfo === undefined) {
      throw new Error("Should never come here");
    }

    const isPasswordValid = await EmailPasswordNode.signIn(userInfo.email, currentPassword);

    if (isPasswordValid.status !== "OK") {
      throw new BadRequestException("Hibás jelenlegi jelszó");
    }

    const response = await EmailPasswordNode.updateEmailOrPassword({
      userId,
      password: newPassword
    }).catch((error) => {
      console.log(error);
      throw new InternalServerErrorException("Váratlan hiba");
    });

    if (response.status !== "OK") {
      throw new InternalServerErrorException("Váratlan hiba");
    }

    await SupertokensSession.revokeAllSessionsForUser(userId);
    await session.revokeSession();

    return res.status(401);
  }

Do you guys have any idea what i did wrong ? Thanks for the answers in advance 🙂

hi, i am trying to integrate supertokens passwordless sign in up with flutter. Is making a http call to the backend according to the FDI in https://app.swaggerhub.com/apis/supertokens/FDI/1.13.0#/Passwordless%20Recipe/passwordlessSignInUpConsume a correct way to implement it?

Is there a way to have a hybrid scheme on how the access tokens are stored. In our case we have both our web app in nextjs and a chrome extension. For the web app I am fine with using cookies and it works well. However, browser extensions don't really support cookies and the suggested metholodogy for storing credentials seems to be to use localstorage with a JWT. I see that super tokens supports JWT, but I don't want to switch our nextjs application to JWT too if possible. Can I change the type based on a header or some configuration?

here in this doc , there are two ways we can verify jwt tokens , - Method 1) Using JWKS endpoint - Method 2) Using public key string Which method you guys recommend from performance point of view 😃 https://supertokens.com/docs/session/common-customizations/sessions/with-jwt/jwt-verification

I have some problems. I am currently following the quickstart guide for nodejs: https://supertokens.com/docs/emailpassword/quick-setup/backend But after installing the packages and setting the package.json to type=module I get the following error: internal/process/esm_loader.js:74 internalBinding('errors').triggerUncaughtException( ^ Error [ERR_UNSUPPORTED_DIR_IMPORT]: Directory import 'C:_root\projects\authentication\backend\node_modules\supertokens-node\recipe\session' is not supported resolving ES modules imported from C:_root\projects\authentication\backend\index.js if I set it to commonjs I get told to set it back to module, can someone help me?

I am trying to build a shopping cart in nextjs + supertoken auth(email+password and social login) I am able to do the authentication part successfully. I am just wondering how to store user data like address, previous purchases after authentication

Hi all, we've been evaluating Supertokens as well, we were researching the flow and session management and had a question around session extension. Are there accommodations for usage-based session extension, for example, from a public machine? We have a heavy use case on public machines, our existing system uses a 'short-medium term lived access token whose usage extends their expiry' type of session management. Additionally, we have a mobile use case (and additional cases in the future) that fits perfectly with the 'suggested flow' (which is why we're evaluating Supertokens in the first place). We'd like to utilize the suggested Supertokens flow, but with the ability to extend a short-term session based on usage. We were wondering if this was a use case and if there were recommendations around this type of behavior