https://supertokens.com/ logo
Hi rp 5569 I m working on the role
s

Sekai

04/21/2023, 5:43 PM
Hi @rp, I'm working on the role authorization on the api and I think I may have found a bug or maybe I'm missing something? so the code I am using is from the doc
if (roles === undefined || !roles.includes("admin")) {
        // this error tells SuperTokens to return a 403 to the frontend.
        await superTokensNextWrapper(
            async (_next) => {
                throw new STError({
                    type: "INVALID_CLAIMS",
                    message: "User is not an admin",
                    payload: [{
                        id: UserRoles.UserRoleClaim.key
                    }]
                })
            },
            req,
            res
        )
    }
    // if it comes here, it means that the session verification was successful
I set the message to
message: "User is not an admin"
but the api returns
message: "invalid claim"
Also is there anyway to control the error handling so that instead of SuperTokens returning 403 to the frontend I return my own error to be more specific I am using SWR and hope to get the error from there somehow

https://cdn.discordapp.com/attachments/644849840475602944/1099027702931005570/image.png

I found the solution: You can set up SWR Config and throw errors inside the fetcher functions. That way you can handle errors. I don't know why there is a message field but I looked into STError and in the payload you can add a reason field. So in there you can put reason: "User is not an admin" and retrieve info about the error
r

rp

04/22/2023, 6:11 AM
makes sense! The message field is mostly due to legacy issues..