https://supertokens.com/ logo
Join Discord
Powered by
Hey , i am currently implementing the email passw...
# support-questions-legacy
d
Hey , i am currently implementing the email password recipe, and it works perfectly locally, but as soon as i deploy it , i get 401 status on the /auth/session/refresh route
r
hey @devdev4117 can you enable backend debug logs and show the output when the refresh route is called?
d
Copy code
server  | 2023-04-21T11:32:05.930Z com.supertokens {t: "2023-04-21T11:32:05.930Z", message: "errorHandler: Error is from SuperTokens recipe. Message: Failed to verify access token", file: "/usr/src/app/node_modules/supertokens-node/lib/build/supertokens.js:302:30" sdkVer: "13.4.2"}
server  | 2023-04-21T11:32:05.930Z com.supertokens {t: "2023-04-21T11:32:05.930Z", message: "errorHandler: Checking recipe for match: emailpassword", file: "/usr/src/app/node_modules/supertokens-node/lib/build/supertokens.js:308:34" sdkVer: "13.4.2"}
server  | 
server  | 
server  | 2023-04-21T11:32:05.930Z com.supertokens {t: "2023-04-21T11:32:05.930Z", message: "errorHandler: Checking recipe for match: session", file: "/usr/src/app/node_modules/supertokens-node/lib/build/supertokens.js:308:34" sdkVer: "13.4.2"}
server  | 
server  | 2023-04-21T11:32:05.930Z com.supertokens {t: "2023-04-21T11:32:05.930Z", message: "errorHandler: Matched with recipeID: session", file: "/usr/src/app/node_modules/supertokens-node/lib/build/supertokens.js:312:38" sdkVer: "13.4.2"}
server  | 2023-04-21T11:32:05.930Z com.supertokens {t: "2023-04-21T11:32:05.930Z", message: "errorHandler: returning TRY_REFRESH_TOKEN", file: "/usr/src/app/node_modules/supertokens-node/lib/build/recipe/session/recipe.js:149:34" sdkVer: "13.4.2"}
Copy code
server  | 2023-04-21T11:35:59.366Z com.supertokens {t: "2023-04-21T11:35:59.366Z", message: "refreshSession: UNAUTHORISED because refresh token in request is undefined", file: "/usr/src/app/node_modules/supertokens-node/lib/build/recipe/session/recipeImplementation.js:466:30" sdkVer: "13.4.2"}
r
So the refresh token is not being sent to the api
What path is it querying? And what is the cookie path for the refresh token (you can see this in the response headers to the sign in api call)
d
/auth/session/refresh

https://cdn.discordapp.com/attachments/1098913926500073482/1098979385094189166/e5008a89-7192-49ea-8875-d7e8cd4425dd.png

This is what i get when i do document.cookie
r
Can I see a screenshot of the sign in response headers?
d
Copy code
access-control-allow-credentials: true
access-control-expose-headers: front-token
alt-svc: h3=":443"; ma=2592000
content-length: 247
content-type: application/json; charset=utf-8
date: Fri, 21 Apr 2023 14:25:41 GMT
etag: W/"f7-6UehJ7CxYknpw2PCrVtA9lwsYaI"
front-token: eyJ1aWQiOiI1NTFlYWEyNi0xMDc1LTQyZmMtOGMwMy1jNGMwYjRiMmE5YzQiLCJhdGUiOjE2ODIwODcxNTEyOTksInVwIjp7fX0=
server: Caddy
server: nginx/1.23.4
set-cookie: sAccessToken=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0%3D.eyJzZXNzaW9uSGFuZGxlIjoiNjkxODMwY2YtNmJlNy00MzQ0LWI0YzYtODVjMTRhMGY2NDlkIiwidXNlcklkIjoiNTUxZWFhMjYtMTA3NS00MmZjLThjMDMtYzRjMGI0YjJhOWM0IiwicmVmcmVzaFRva2VuSGFzaDEiOiJlMDBiN2QyM2M1NTJiMjkzOTk5OTljOWFkYTM5MjEzNWNkODI3ZWM1ZWE0Nzc2OGI1MTNhMzJiMDlhNTE4NmVkIiwicGFyZW50UmVmcmVzaFRva2VuSGFzaDEiOm51bGwsInVzZXJEYXRhIjp7fSwiYW50aUNzcmZUb2tlbiI6bnVsbCwiZXhwaXJ5VGltZSI6MTY4MjA4NzE1MTI5OSwidGltZUNyZWF0ZWQiOjE2ODIwODcxNDEyOTksImxtcnQiOjE2ODIwODcxNDEyOTl9.WrJfI3jUbvTwRCgv2gtsIn4r9INomZMLrXzozLZczaeKGRiGjb2A2gv87s%2B%2BlZ5e%2BaK%2Fvdt55MjlBUiT%2FXSB6EH0T6PMDZ2tKB40aiu8xPIBzzq29Kf0Vji%2BUQQ6Yx6xSfXnajiV5UsBXXNfKH%2Fsr04MTl%2F2eEduT8NwL03R%2FfQUx8EGzExPWhEqMJzveS7Qmy1GI1r3bqxFAhLFMe0XVXr4atE6YpwOoE%2FOpGV9wk7piuODSnk7I8vciUd03SqpZ%2Fmj9e%2FDENGoVP7HNAqI4qXx%2B%2BRNhmhSHBC7paguhpDsfhkeclKXov3BQ1EmWAd8d20dY%2FIPI%2Bga9gUdRZ%2BoCg%%3D; Path=/; Expires=Sun, 28 Mar 2123 14:25:41 GMT; HttpOnly; SameSite=Lax
set-cookie: sRefreshToken=mO7d8oQBSbgYHXpee92JOdJVXOOi5Ey1m4uA1o5jR3G2EFfghp1cWTg9cI9mpqYuIOX%2FyQGcFCHL9f2H7Zb0h6BSiqmeKVmQs9ZNJe8HgsscP23B%2BaFjsjyKes%2FCCw78jCLvDuhDezht%2FYbEecdn5VCZCENzEVr71wyaKoJNAm%2B0XI%2BdekP0wBc8%2BMS1l6vfkVmivGTz1jnXxj3WY8apX7I9xlYBQPZwQADMLjf2Q9uKUUkiACGtvl1hhmISSPPBhwT5Sg4ORC5SxFiNHi%2BB.1f2fbd2bb9139b1c1f0db1f2aee81f18054e787d0fb8f9e5b17a01c881.V2; Path=/auth/session/refresh; Expires=Sun, 30 Jul 2023 14:25:41 GMT; HttpOnly; SameSite=Lax
vary: Origin
x-powered-by: Express
r
Can I see a screenshot? Is there any orange warning triangle you see at the end of set-cookie header?
d
nope

https://cdn.discordapp.com/attachments/1098913926500073482/1099019234467663902/image.png

r
and whats the refresh API's path when the frontend tries to do a session refresh?
d
v1/auth/session/refresh v1 is just because of nginx , have set all routes through it
r
right. So on the backend, in the appInfo config (in supertokens.init), just add apiGatewayPath: 
"/v1"
d
got it
thanks a log
lot
r
great
d
hey now none of the auth routes are working
not found /auth/signup
r
whats the frontend appInfo setting and whats the backend appInfo setting?
d
both baseUrl are set to /v1 /auth
r
can i see the full config object please?
on both frontend and backend
d
Copy code
appInfo: {
        // learn more about this on https://supertokens.com/docs/session/appinfo
        appName: 'Testapp',
        apiDomain: 'http://lgns.rnarayan.tech/v1',
        websiteDomain: 'http://lgns.rnarayan.tech',
        apiBasePath: '/v1/auth',
        websiteBasePath: '/',
    },
backend ^
r
right. Change the apiBasePath to 
/auth
, and add apiGatewayPath: 
/v1
and on the frontend, set 
apiBasePath: '/v1/auth',
d
SuperTokens.init({ appInfo: { apiDomain: 'https://lgns.rnarayan.tech/v1', apiBasePath: '/v1/auth', appName: 'Testapp', }, frontent
r
frontend is correct
d
great! its working now, thanks
11 Views
PreviousNext
Powered by