https://supertokens.com/ logo
Production env
y

yuriy

04/27/2023, 5:31 PM
Hi there, It seems that something happened with our production environment (tech@offscript.io account) since the users of our platform are not able to authenticate with Supertokens anymore. Everything works fine with the development environment. I also get an error when trying to export production users to CSV (see attached), but it works fine when doing it for dev env users. So I assume these 2 issues can be connected. Can you please check the logs on your end? Thank you so much, Yuriy

https://cdn.discordapp.com/attachments/644849840475602944/1101198905946951690/Screenshot_2023-04-27_at_19.18.00.pngโ–พ

r

rp

04/27/2023, 5:32 PM
Hey @yuriy if you visit the connection uri on the /hello path, what do you see?
y

yuriy

04/27/2023, 5:33 PM
I see "Hello"
r

rp

04/27/2023, 5:33 PM
Right. So the core is working as expected.
We will investigate why you can get the CSV, but the core is working
You should check your backend perhaps
y

yuriy

04/27/2023, 5:34 PM
We can do it, but we haven't changed anything in months, all our services are operational, and authentication stopped working 2 hours ago
r

rp

04/27/2023, 5:35 PM
Do you see any error stack on your backend?
The core is working fine on our side for sure.
When you try and sign up on your website, what error do you see?
y

yuriy

04/27/2023, 5:36 PM
No, unfortunately, I don't see any errors, it is a little bit complex to explain
r

rp

04/27/2023, 5:36 PM
Hmm
What happens if you sign up on your site?
y

yuriy

04/27/2023, 5:36 PM
But I hope it would be possible for you to check the logs yielded by our organisation?
r

rp

04/27/2023, 5:37 PM
We can check the logs, but it has no errors at all.
y

yuriy

04/27/2023, 5:37 PM
What is the time of the latest request?
r

rp

04/27/2023, 5:37 PM
Let me check
y

yuriy

04/27/2023, 5:39 PM
And what was the email of the user that was created last?
r

rp

04/27/2023, 5:43 PM
The last api was 2 mins ago
From the logs it seems that your backend is restarting for some reason
y

yuriy

04/27/2023, 5:45 PM
In which way?
r

rp

04/27/2023, 5:46 PM
You use serverless functions right?
y

yuriy

04/27/2023, 5:47 PM
Yes, we have our auth service on AWS ECS
r

rp

04/27/2023, 5:47 PM
Right ok. So the restarting comment can be ignored
y

yuriy

04/27/2023, 5:47 PM
I don't see any indication of it
The container is running as expected
r

rp

04/27/2023, 5:48 PM
So is the supertokens core
y

yuriy

04/27/2023, 5:49 PM

https://cdn.discordapp.com/attachments/1101198906190217216/1101203423577264138/Screenshot_2023-04-27_at_19.49.03.pngโ–พ

r

rp

04/27/2023, 5:49 PM
So what happens if you sign up on the site? Does it give a 500 error?
y

yuriy

04/27/2023, 5:50 PM
I can't really confirm it, since I don't see any logs from the container on AWS
r

rp

04/27/2023, 5:50 PM
What happens on the frontend?
Try and sign up. See what happened
Email of the last user kolll@ff.com
y

yuriy

04/27/2023, 5:55 PM
This sounds right. We don't really use the signup screen, we do it through
signUpPOST
method
r

rp

04/27/2023, 5:55 PM
Hmmm.
Is there anything you can test using a frontend?
Cause really, it seems all fine from our end.
We can even download the CSV via out api
y

yuriy

04/27/2023, 5:56 PM
Trying now
Still on it
r

rp

04/27/2023, 6:07 PM
Oky
y

yuriy

04/27/2023, 6:12 PM
Ok, I was not able to tap into the code that handles signing up
But our config looks like this
supertokens: { connectionURI: process.env.SUPERTOKENS_DOMAIN as string, apiKey: process.env.SUPERTOKENS_API_KEY as string, }, framework: "express" as TypeFramework, appInfo, recipeList: [ EmailPasswordNode.init({ override: { apis: (originalImplementation) => { return { ...originalImplementation, signUpPOST: async (input: any) => { if (originalImplementation.signUpPOST === undefined) { throw Error("Should never come here") } const response = await originalImplementation.signUpPOST(input) if (response.status === "OK") { const { id, email } = response.user // New user was created await fetchApi(
${websiteDomain}/api/users/create
, { id, email, }) Sentry.addBreadcrumb({ category: "auth", message: "Registered user " + email, level: Sentry.Severity.Info, }) } return response }, signInPOST: async (input: any) => { if (originalImplementation.signInPOST === undefined) { throw Error("Should never come here") } const response = await originalImplementation.signInPOST(input) if (response.status === "OK") { const { email } = response.user Sentry.addBreadcrumb({ category: "auth", message: "Authenticated user " + email, level: Sentry.Severity.Info, }) } return response }, } }, },
It is the part of it that should override the standard SignUp functionality
Somehow I don't have any evidence that the callbacks are actually being called
Ok, I think I was looking at the wrong place
Ok, so when I sign up, I do get something that looks right:
{
  status: 'OK',
  user: {
    id: 'f1c2f8e6-90f4-471f-bdbd-34f6756bf7b1',
    email: 'kokokoko@h.com',
    timeJoined: 1682620066503
  }
}
r

rp

04/27/2023, 6:38 PM
Right. So this is working
y

yuriy

04/27/2023, 6:39 PM
I am trying to figure out what are we getting back when signing in
Btw, is supertokens sending requests to https://ah.offscript.io/webhook ?
r

rp

04/27/2023, 6:54 PM
Nope.
y

yuriy

04/27/2023, 6:57 PM
When initialising supertokens, we are setting both apiDomain and websiteDomain to be https://ah.offscript.io
r

rp

04/27/2023, 6:57 PM
Okay. Is this related to the webhook question?
y

yuriy

04/27/2023, 6:57 PM
Yes
r

rp

04/27/2023, 6:57 PM
We donโ€™t have the concept of webhooks
All the requests to the core goes via our backend
There have been no errors on the core service that we manage
y

yuriy

04/27/2023, 7:00 PM
Yes, thanks a lot for your help. I feel like I need to dig deeper into our authenication flow tomorrow since it is quite complex.
Would it be ok to contact you in case if I find something related to supertokens?
r

rp

04/27/2023, 7:01 PM
Yea fair enough.
You can message right here
Iโ€™ll reply when I have time ๐Ÿ™‚
y

yuriy

04/27/2023, 7:01 PM
Thanks. 1 last thing - have you seen any log in requests from us?
r

rp

04/27/2023, 7:01 PM
Yes. We have.
And those requests all succeed
So your backend is querying the core for sure.
y

yuriy

04/27/2023, 7:02 PM
Yes, I understand, thanks a lot for your help
Hi, @rp ! Sorry for bothering you yesterday. After a more thorough investigation, we identified that the issue was with Hasura, but not Supertokens. Thanks again! ๐Ÿค
r

rp

04/28/2023, 10:26 AM
right! sounds good ๐Ÿ™‚