https://supertokens.com/ logo
try refresh token issue
h

HimanshuKukreja

04/17/2023, 8:54 AM
Hey @rp I am trying to use supertoken's session in another microservice which will be connected to the common core, so as to verify the user session for other services as well. My auth service is written in Python (FastAPI) SDK and other microservice is written in Golang. For that I have connected both microservices to the same SuperTokens core instance and used supertokens init functions in the respective services. But, while doing so in the second service the api routes which are protected; on a request gives a response "try refresh token". Issue still persists even after reloading the page or even on hard refresh. I have checked the cookies as well. All the four cookies are setting up properly in both the services as they shared a common frontend. The api routes of the main supertokens service (in which /auth and /login functionality is used) are working fine.
r

rp

04/17/2023, 8:55 AM
hey @HimanshuKukreja can you enable the backend degug logs for the serivce that's failing and show me the output?
h

HimanshuKukreja

04/17/2023, 8:58 AM
on hitting the request it just shows 401 Unauthorized

https://cdn.discordapp.com/attachments/1097444877077323786/1097445905671655496/image.png

r

rp

04/17/2023, 9:01 AM
can you enable backend debug logs and show the ouput?
search our docs for backend debug logs
h

HimanshuKukreja

04/17/2023, 9:03 AM
okk sure
Debug logs are not showing for the request (I have enabled them) . I think init function is not calling on the request. I have made a sample fastapi application for this for testing I am calling using this api call
@router.get('/like_comment') 
async def like_comment(session: SessionContainer = Depends(verify_session())):
    user_id = session.get_user_id()
    print(user_id)
>
> this is my init() function >
init(
>     app_info=InputAppInfo(
>         app_name="demo",
>         api_domain="http://localhost:8000",
>         website_domain="http://localhost:3000",
>         api_base_path="/auth",
>         website_base_path="/auth"
>     ),
>     supertokens_config=SupertokensConfig(
>         connection_uri="http://localhost:3567",
>         api_key="BM29seIwT0gOhdYl=6uR4N=mNBKO1H"
>     ),
>     framework='fastapi',
>     recipe_list=[
>         session.init(), # initializes session features
>         thirdpartyemailpassword.init(
>             providers=[
>                 Google(
>                     client_id="1060725074195-kmeum4crr01uirfl2op9kd5acmi9jutn.apps.googleusercontent.com",
>                     client_secret="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",
>                     scope=["https://www.googleapis.com/auth/userinfo.profile"]
>                 )
>                 , Facebook(
>                     client_id="1634651033637646",
>                     client_secret="8e02b227e12aa764ffe665b87796a663"
>                 )
>             ]
>         ),
>         dashboard.init(api_key="supertokens"),
>         usermetadata.init(),
>         userroles.init()
>     ],
>     mode='asgi' # use wsgi if you are running using gunicorn
> )
> 
>
r

rp

04/17/2023, 9:57 AM
debug logs should get printed out if you call our getSession or verifySession function. Please try and get those.
h

HimanshuKukreja

04/17/2023, 10:06 AM

https://cdn.discordapp.com/attachments/1097444877077323786/1097463148165988423/image.png

r

rp

04/17/2023, 10:14 AM
right, are you sending the sIdRefreshToken as well? You need to make sure that the backend SDK being used in both the services are using the latest backend SDKs.
h

HimanshuKukreja

04/17/2023, 10:22 AM
yeah you are write there is version mismatch in the services.
Is it necessary that backend SDK and frontend both must have to be in their latest versions? Is some specific version of backend sdk can give compatibility issues with some version of frontend?
r

rp

04/17/2023, 10:34 AM