https://supertokens.com/ logo
Session.doesSessionExist() calling refresh
r

ronflai

05/09/2023, 9:07 AM
Hello there ! Is it normal that the
Session.doesSessionExist()
called the refresh endpoint, event on a fresh private browser session with no supertokens related cookies ?
n

nkshah2

05/09/2023, 10:18 AM
Hi @ronflai Do you see the refresh API being called on page load? or when you call
Session.doesSessionExist()
? The frontend SDK attempts to check for a session on page load which can result in a call to the refresh API
r

ronflai

05/09/2023, 11:12 AM
I can see the refresh API being called when we call the Session.doesSessionExist()
n

nkshah2

05/09/2023, 11:30 AM
Right so it is expected for a refresh call to be made if you call doesSessionExist and there are no local tokens present
(cookies or otherwise)
r

ronflai

05/09/2023, 11:54 AM
Is there any function that we can call to check if there is an existing "local session" before calling the API ? I ask the question because we are doing a lot of "not necessary" calls to our API and i we can prevent that would be great.
n

nkshah2

05/09/2023, 11:59 AM
What SDK are you using for the frontend?
r

ronflai

05/09/2023, 12:03 PM
supertokens-web-js
n

nkshah2

05/09/2023, 12:23 PM
You could switch to using headers instead if session cookies (you can refer to our docs for this). And then manually check if
st-access-token
is present in
document.cookie
r

ronflai

05/09/2023, 12:43 PM
we already using headers so we can indeed check for st-access-token in the cookies but I wanted to know why you're not doing that in the
doesSessionExist
before calling the API ?
n

nkshah2

05/09/2023, 12:44 PM
Well the sdk assumes that you could have existing sessions with cookies (if someone migrated to using sessions after their initial launch)
In which case absence of the access token does not always imply absence of a session so we call refresh to make sure
r

ronflai

05/09/2023, 12:50 PM
Ok got it. Thanks