https://supertokens.com/ logo
requestion / response question
a

Abhishek_

04/03/2023, 12:36 PM
Hey guys, I am observing this weird behaviour where for POST requests body is empty when backend receives the request and i can see the payload in the browser when ui makes the api call... is this something to do with supertokens configuration?
r

rp

04/03/2023, 12:39 PM
hey @Abhishek_ can you elaborate?
a

Abhishek_

04/03/2023, 12:41 PM
so basically when the ui makes the api call say with method
POST
with json payload, on the backend when it receives the call the body is empty
r

rp

04/03/2023, 12:41 PM
which API is this?
a

Abhishek_

04/03/2023, 12:43 PM
it's not an API related to supertokens, it's part of my application
i was just wondering does it have to do with any configuration on supertokens...
r

rp

04/03/2023, 12:44 PM
it shouldn't
a

Abhishek_

04/03/2023, 12:45 PM
my UI running on my local machine, where as my backend is deployed as a https server on cloud
r

rp

04/03/2023, 12:45 PM
im not sure that we can help here
a

Abhishek_

04/03/2023, 12:46 PM
okay anyways thanks
so i just removed the middleware session verification of supertoken for that API, it's working fine now
so i guess it has something do with supertokens configuration
r

rp

04/03/2023, 12:53 PM
Hmmmm.
Which backend SDK?
a

Abhishek_

04/03/2023, 12:53 PM
golang
r

rp

04/03/2023, 12:54 PM
Can I see how you are using the middleware?
And which framework is this for?
a

Abhishek_

04/03/2023, 12:54 PM
func VerifySession(options *sessmodels.VerifySessionOptions) gin.HandlerFunc {
    return func(c *gin.Context) {

        session.VerifySession(options, func(rw http.ResponseWriter, r *http.Request) {
            c.Request = c.Request.WithContext(r.Context())
            c.Next()
        })(c.Writer, c.Request)
        // we call Abort so that the next handler in the chain is not called, unless we call Next explicitly
        c.Abort()
    }
}
r

rp

04/03/2023, 12:54 PM
@sattvikc can help here.
s

sattvikc

04/03/2023, 12:58 PM
are you running ui on http ?
a

Abhishek_

04/03/2023, 1:07 PM
yes
s

sattvikc

04/03/2023, 1:08 PM
have you checked if the tokens are being passed correctly along with the request?
also, can you try with
SessionRequired
set to
false
in the
VerifySessionOptions
makes the API work as expected ?
r

rp

04/03/2023, 1:20 PM
@sattvikc the issue is that "requests body is empty when backend receives the request" -> this probably means that SessionRequired is already false.
@Abhishek_ can you help us reproduce this issue? So that we can fix it asap. Maybe open an issue about this on our GitHub describing your setup and the request being made.
a

Abhishek_

04/03/2023, 2:25 PM
i set the
AntiCsrf
to
NONE
it started to work now
r

rp

04/03/2023, 2:26 PM
i see. Were you setting SessionRequired to false?
a

Abhishek_

04/03/2023, 2:27 PM
nope but now requests are working fine from postman but from UI i am still having the same issue
r

rp

04/03/2023, 2:28 PM
it seems that the session verification is failing, and instead of returning a 401, it's letting the API continue with execution?
s

sattvikc

04/04/2023, 4:45 AM
@Abhishek_ please share debug logs from backend, while you perform the request from the UI. you can enable it by setting env SUPERTOKENS_DEBUG=1