Hey guys,
I am observing this weird behaviour ...
# support-questions-legacyu
.abhishek_
04/03/2023, 12:36 PMHey guys,
I am observing this weird behaviour where for POST requests body is empty when backend receives the request and i can see the payload in the browser when ui makes the api call...
is this something to do with supertokens configuration?
r
rp_st
04/03/2023, 12:39 PMhey @.abhishek_ can you elaborate?
u
.abhishek_
04/03/2023, 12:41 PMso basically when the ui makes the api call say with method
POSTr
rp_st
04/03/2023, 12:41 PMwhich API is this?
u
.abhishek_
04/03/2023, 12:43 PMit's not an API related to supertokens, it's part of my application
.abhishek_
04/03/2023, 12:43 PMi was just wondering does it have to do with any configuration on supertokens...
r
rp_st
04/03/2023, 12:44 PMit shouldn't
u
.abhishek_
04/03/2023, 12:45 PMmy UI running on my local machine, where as my backend is deployed as a https server on cloud
r
rp_st
04/03/2023, 12:45 PMim not sure that we can help here
u
.abhishek_
04/03/2023, 12:46 PMokay anyways thanks
.abhishek_
04/03/2023, 12:53 PMso i just removed the middleware session verification of supertoken for that API, it's working fine now
.abhishek_
04/03/2023, 12:53 PMso i guess it has something do with supertokens configuration
r
rp_st
04/03/2023, 12:53 PMHmmmm.
rp_st
04/03/2023, 12:53 PMWhich backend SDK?
u
.abhishek_
04/03/2023, 12:53 PMgolang
r
rp_st
04/03/2023, 12:54 PMCan I see how you are using the middleware?
rp_st
04/03/2023, 12:54 PMAnd which framework is this for?
u
.abhishek_
04/03/2023, 12:54 PM Copy code
func VerifySession(options *sessmodels.VerifySessionOptions) gin.HandlerFunc {
return func(c *gin.Context) {
session.VerifySession(options, func(rw http.ResponseWriter, r *http.Request) {
c.Request = c.Request.WithContext(r.Context())
c.Next()
})(c.Writer, c.Request)
// we call Abort so that the next handler in the chain is not called, unless we call Next explicitly
c.Abort()
}
}r
rp_st
04/03/2023, 12:54 PM@sattvikc can help here.
s
sattvikc
04/03/2023, 12:58 PMare you running ui on http ?
u
.abhishek_
04/03/2023, 1:07 PMyes
s
sattvikc
04/03/2023, 1:08 PMhave you checked if the tokens are being passed correctly along with the request?
sattvikc
04/03/2023, 1:10 PMalso, can you try with
SessionRequiredfalseVerifySessionOptionsr
rp_st
04/03/2023, 1:20 PM@sattvikc the issue is that "requests body is empty when backend receives the request" -> this probably means that SessionRequired is already false.
rp_st
04/03/2023, 2:06 PM@.abhishek_ can you help us reproduce this issue? So that we can fix it asap. Maybe open an issue about this on our GitHub describing your setup and the request being made.
u
.abhishek_
04/03/2023, 2:25 PMi set the
AntiCsrfNONEr
rp_st
04/03/2023, 2:26 PMi see. Were you setting SessionRequired to false?
u
.abhishek_
04/03/2023, 2:27 PMnope
but now requests are working fine from postman but from UI i am still having the same issue
r
rp_st
04/03/2023, 2:28 PMit seems that the session verification is failing, and instead of returning a 401, it's letting the API continue with execution?
s
sattvikc
04/04/2023, 4:45 AM@.abhishek_ please share debug logs from backend, while you perform the request from the UI. you can enable it by setting env SUPERTOKENS_DEBUG=1