Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
requestion / response question
a
Abhishek_
04/03/2023, 12:36 PMHey guys,
I am observing this weird behaviour where for POST requests body is empty when backend receives the request and i can see the payload in the browser when ui makes the api call...
is this something to do with supertokens configuration?
r
rp
04/03/2023, 12:39 PMhey @Abhishek_ can you elaborate?
a
Abhishek_
04/03/2023, 12:41 PMso basically when the ui makes the api call say with method
POSTr
rp
04/03/2023, 12:41 PMwhich API is this?
a
Abhishek_
04/03/2023, 12:43 PMit's not an API related to supertokens, it's part of my application
i was just wondering does it have to do with any configuration on supertokens...
r
rp
04/03/2023, 12:44 PMit shouldn't
a
Abhishek_
04/03/2023, 12:45 PMmy UI running on my local machine, where as my backend is deployed as a https server on cloud
r
rp
04/03/2023, 12:45 PMim not sure that we can help here
a
Abhishek_
04/03/2023, 12:46 PMokay anyways thanks
so i just removed the middleware session verification of supertoken for that API, it's working fine now
so i guess it has something do with supertokens configuration
r
rp
04/03/2023, 12:53 PMHmmmm.
Which backend SDK?
a
Abhishek_
04/03/2023, 12:53 PMgolang
r
rp
04/03/2023, 12:54 PMCan I see how you are using the middleware?
And which framework is this for?
a
Abhishek_
04/03/2023, 12:54 PMfunc VerifySession(options *sessmodels.VerifySessionOptions) gin.HandlerFunc {
return func(c *gin.Context) {
session.VerifySession(options, func(rw http.ResponseWriter, r *http.Request) {
c.Request = c.Request.WithContext(r.Context())
c.Next()
})(c.Writer, c.Request)
// we call Abort so that the next handler in the chain is not called, unless we call Next explicitly
c.Abort()
}
}r
rp
04/03/2023, 12:54 PM@sattvikc can help here.
s
sattvikc
04/03/2023, 12:58 PMare you running ui on http ?
a
Abhishek_
04/03/2023, 1:07 PMyes
s
sattvikc
04/03/2023, 1:08 PMhave you checked if the tokens are being passed correctly along with the request?
also, can you try with
SessionRequiredfalseVerifySessionOptionsr
rp
04/03/2023, 1:20 PM@sattvikc the issue is that "requests body is empty when backend receives the request" -> this probably means that SessionRequired is already false.
@Abhishek_ can you help us reproduce this issue? So that we can fix it asap. Maybe open an issue about this on our GitHub describing your setup and the request being made.
a
Abhishek_
04/03/2023, 2:25 PMi set the
AntiCsrfNONEr
rp
04/03/2023, 2:26 PMi see. Were you setting SessionRequired to false?
a
Abhishek_
04/03/2023, 2:27 PMnope
but now requests are working fine from postman but from UI i am still having the same issue
r
rp
04/03/2023, 2:28 PMit seems that the session verification is failing, and instead of returning a 401, it's letting the API continue with execution?
s
sattvikc
04/04/2023, 4:45 AM@Abhishek_ please share debug logs from backend, while you perform the request from the UI. you can enable it by setting env SUPERTOKENS_DEBUG=1