https://supertokens.com/ logo
sign out issue
m

miguelstevensbe

04/03/2023, 6:53 PM
Hi, I'm having an issue with
await Session.signOut();
not doing anything, I've checked that my NodeJS server has the middleware included. Is there anything else that I might be missing? I wrote the issue out here: https://stackoverflow.com/questions/75922766/supertokens-session-signout-method-not-working-in-vue
r

rp

04/03/2023, 7:09 PM
hey @miguelstevensbe Can i see the request headers sent to the sign out API call?
m

miguelstevensbe

04/03/2023, 7:09 PM
Sure! let me check
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en
Connection: keep-alive
Content-Length: 0
Cookie: auth_verification=%7B%22nonce%22%3A%22WO70wfjzDtOwdmW6CP8QanDvVba9zoLdnQNw2iazJOo%22%2C%22state%22%3A%22eyJyZXR1cm5UbyI6Ii9wcm9maWxlIn0%22%7D.b6hIjwbizpKDMXH6j9RLBbAgP2CmQfA3mmTKRCqDlw8
fdi-version: 1.16
Host: localhost:3001
Origin: http://127.0.0.1:5173
Referer: http://127.0.0.1:5173/
rid: session
sec-ch-ua: "Brave";v="111", "Not(A:Brand";v="8", "Chromium";v="111"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "macOS"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Sec-GPC: 1
st-auth-mode: cookie
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36
Request URL: http://localhost:3001/auth/signout Request Method: POST Status Code: 200 OK Remote Address: [::1]:3001 Referrer Policy: strict-origin-when-cross-origin
r

rp

04/03/2023, 7:12 PM
Right. Can i see the response headers for the sign in API call as seen on chrome? (a screenshot please)
m

miguelstevensbe

04/03/2023, 7:19 PM
Sure

https://cdn.discordapp.com/attachments/1092522264223826031/1092529038658121748/Screenshot_2023-04-03_at_21.20.15.png

This is the response for Request URL: http://localhost:3001/auth/signin Request Method: POST Status Code: 200 OK Remote Address: [::1]:3001 Referrer Policy: strict-origin-when-cross-origin
r

rp

04/03/2023, 7:22 PM
can you hover over the orange triangle?
m

miguelstevensbe

04/03/2023, 7:23 PM

https://cdn.discordapp.com/attachments/1092522264223826031/1092529737626308780/Screenshot_2023-04-03_at_21.23.01.png

r

rp

04/03/2023, 7:23 PM
right. Are you querying using 127.0.0.1?
m

miguelstevensbe

04/03/2023, 7:24 PM
I was using localhost:3001 in my Vue settings
I changed it to 127.0.0.1:3001 let me test
I think this is the solution! 😍 What do you think? is there a known issue with using localhost?
r

rp

04/03/2023, 7:27 PM
it's not an issue with supertokens. Browsers won't allow cross site cookies when using http
m

miguelstevensbe

04/03/2023, 7:28 PM
you mean when using 'localhost'?
r

rp

04/03/2023, 7:28 PM
no in general
m

miguelstevensbe

04/03/2023, 7:28 PM
So why does 127.0.0.1 work and localhost doesn't? Because localhost has to be resolved using http?
r

rp

04/03/2023, 7:30 PM
no cause you have loaded the site on localhost but are querying the api on 127.0.0.1. This makes it cross site.
m

miguelstevensbe

04/03/2023, 7:30 PM
Aaah right I see. Thanks! Makes sense,
Thanks for helping me this fast.
r

rp

04/03/2023, 7:31 PM
st-bot-test-case