https://supertokens.com/ logo
Using header based auth with Capacitor
r

romixch

04/14/2023, 9:48 AM
Hy everyone. I have trouble using tokenTransferMethod: 'header'. I want to ship my react app in a webview on iOS with CapacitorJs. I can't make the webview work with cookies on iOS so I thought I could switch to header based auth. So I just added tokenTransferMethod to my client configuration. The client seams to pick it up since I see the header "st-auth-mode: header" to be sent. But I don't see any header "Authorization" being sent to the server. I also added logging which tells me in the browser following interesting lines:
com.supertokens {t: "2023-04-14T09:32:58.495Z", message: "setAuthorizationHeaderIfRequired: token for header based auth not found", supertokens-website-ver: "16.0.1"}
I'm actually a bit confused. I would expect that the tokens are stored somewhere like the local storage and then attached from there. But they seam to be read from the cookies which should not be used as I stated to use headers. Is it my responsibility to persist the tokens somewhere? Am I missing something?
n

nkshah2

04/14/2023, 9:50 AM
Hi @romixch
You can refer to this file: https://github.com/RobSchilderr/capacitor-supertokens-nextjs-turborepo/blob/main/packages/lib/utils/capacitorCookieHandler.ts It implements a custom cookie handler that can be passed to SuperTokens to change the default behaviour of storing the auth token in cookies
Note: You pass this to SuperTokens when initialising the SDK
r

romixch

04/14/2023, 9:52 AM
Thank you for pointing to this! I will have a look at it and try to adopt it.
n

nkshah2

04/14/2023, 9:52 AM
Happy to help