Hi < rp st> I m working on the role authorization on the api SuperTokens.com #support-questions-legacy

Hi <@498057949541826571>, I'm working on the role ...

Sekai

04/21/2023, 5:43 PM

Hi @rp_st, I'm working on the role authorization on the api and I think I may have found a bug or maybe I'm missing something? so the code I am using is from the doc

Copy code

if (roles === undefined || !roles.includes("admin")) {
        // this error tells SuperTokens to return a 403 to the frontend.
        await superTokensNextWrapper(
            async (_next) => {
                throw new STError({
                    type: "INVALID_CLAIMS",
                    message: "User is not an admin",
                    payload: [{
                        id: UserRoles.UserRoleClaim.key
                    }]
                })
            },
            req,
            res
        )
    }
    // if it comes here, it means that the session verification was successful

I set the message to

Copy code

message: "User is not an admin"

but the api returns

Copy code

message: "invalid claim"

Also is there anyway to control the error handling so that instead of SuperTokens returning 403 to the frontend I return my own error to be more specific I am using SWR and hope to get the error from there somehow

Sekai

04/21/2023, 11:07 PM

I found the solution: You can set up SWR Config and throw errors inside the fetcher functions. That way you can handle errors. I don't know why there is a message field but I looked into STError and in the payload you can add a reason field. So in there you can put reason: "User is not an admin" and retrieve info about the error

rp_st

04/22/2023, 6:11 AM

makes sense! The message field is mostly due to legacy issues..

2 Views

Previous Next