https://supertokens.com/ logo
nextauth to supertokens questions
s

Smultar

05/16/2023, 2:39 PM
I'm new to SuperTokens and wanted to get some questions answered about using it, with a transition from NextAuth to SuperTokens
r

rp

05/16/2023, 2:41 PM
hey @Smultar please ask
s

Smultar

05/16/2023, 2:42 PM
As the question mentions above, I use NextAuth.
Something that limits me is that, nextauth doesnt allowed me to allow logins from other locations besides my website.
I'm making my app into a desktop app and I was wondering if I can use SuperTokens to handle logins outside of my website for user authenication
r

rp

05/16/2023, 2:44 PM
yea, that would work. I would recommend that you setup supertokens for your website first and see how it works. Once you have clarity on that, it should be fairly straightforward for how to get it to work for your desktop app as well
since this is a very generic question that you asked, i won't be able to answer it here. But if you have very specific questions, please feel free to ask 🙂
s

Smultar

05/16/2023, 2:45 PM
Next question
With user session objects, how are they accessed on the front end.
Will I have the ability to tell of someones email/id and etc?
r

rp

05/16/2023, 2:45 PM
yes
the session's access token payload is available on the frontend
you can add custom claims to it like (email etc), and then read that on the frontend
s

Smultar

05/16/2023, 2:46 PM
Can I edit/add stuff to this payload over time.
r

rp

05/16/2023, 2:46 PM
yes
s

Smultar

05/16/2023, 2:47 PM
If someone is rejects cause they have no login
They are directed to the login page.
Is it possible to redirect them back to the original page upon login @rp
r

rp

05/16/2023, 2:48 PM
yes
please see our docs 🙂 Would give you clarity.
s

Smultar

05/16/2023, 2:48 PM
I am reading them right now.
It just some things I havent seen in the docks yet
current reading nextjs segment
r

rp

05/16/2023, 2:49 PM
it's all there 🙂 Maybe search for it first
s

Smultar

05/16/2023, 2:50 PM
can I use other database types besides MySQL?
op never mind.

https://cdn.discordapp.com/attachments/1108040956239941775/1108043892789612696/image.png

r

rp

05/16/2023, 2:50 PM
we only support mysql and postgresql
s

Smultar

05/16/2023, 2:50 PM
I found the mongo
r

rp

05/16/2023, 2:50 PM
mongodb has limited support only
s

Smultar

05/16/2023, 2:51 PM
wait so how does that work then?

https://cdn.discordapp.com/attachments/1108040956239941775/1108044039749632010/image.png

session management?
r

rp

05/16/2023, 2:51 PM
yup
session management is there in mongo
s

Smultar

05/16/2023, 2:51 PM
wouldn't you need to login to get a session?
r

rp

05/16/2023, 2:51 PM
so you can pass in any user ID to the session recipe we have and it would create tokens etc
and login is something that you can handle yourself using something else
s

Smultar

05/16/2023, 2:52 PM
cause I use mongo db for my current application rn
r

rp

05/16/2023, 2:52 PM
right. If you want to use login features too of supertokens, consider our managed service in this case or then host mysql / postgresql as well
s

Smultar

05/16/2023, 2:52 PM
and I would like to have session management within mongo, cause its how users log out other devices.
r

rp

05/16/2023, 2:53 PM
if you only want to use the session management feature of ours, you can use mongodb
s

Smultar

05/16/2023, 2:54 PM
I'm slightly confused.
If I integrate supertokens right... Login services will be handled with the backend API with nextjs right.
Is mongodb only used for sessions only?
After the login with the backend api?
r

rp

05/16/2023, 2:55 PM
we only support mongodb for our session recipe
if you use mysql / psql, you can use any feature we have
we decouple our features (recipe is what we call them), so you can use our session only feature without using our login feature
s

Smultar

05/16/2023, 2:55 PM
ok so I dont understand what the session recipe is and what features you get with mysql vs nosql
r

rp

05/16/2023, 2:55 PM
see our docs please.
you get all features with sql. You only get session recipe with mongodb.
does this make sense?
s

Smultar

05/16/2023, 2:58 PM
I understand that, but I don't understand what the session recipe is.
r

rp

05/16/2023, 2:59 PM
see the session recipe docs. It explains it clearly 😅
s

Smultar

05/16/2023, 2:59 PM
Im reading what you sent me rp

https://cdn.discordapp.com/attachments/1108040956239941775/1108046073005604936/image.png

r

rp

05/16/2023, 2:59 PM
ah right. So that's missing in the session recipe docs
s

Smultar

05/16/2023, 2:59 PM
It points me back to the NextJS Docs which I just read which tells me how to integrate.
r

rp

05/16/2023, 3:00 PM
see the non nextjs code snippets for session recipe. Maybe that will make it clearer.
essentially, the session recipe does session management only. You provide it a user id and we return access + refresh tokens using which you can manage your app's sessions.
we don't care where the user ID comes from.
Also, i see that you booked a call with us - if you only have technical quesitons, it's best to ask them here instead of a call.
Or would you like to discuss something else over a call?
s

Smultar

05/16/2023, 3:03 PM
Well, you answered my question over if SuperTokens would allow authentication on a different scale.
r

rp

05/16/2023, 3:03 PM
right
s

Smultar

05/16/2023, 3:04 PM
I'm just having a hard time with your docs a lil bit. I see what session recipes are now, via what you explained.
r

rp

05/16/2023, 3:04 PM
hmm
so you should pick a recipe based on the login method you want and use our managed service
ignore the mongodb stuff cause we don't yet fully support it
s

Smultar

05/16/2023, 3:05 PM
Yeah.
What I was hoping to do is to basically. Whenever someone logins, I get thoses refresh tokens/session and add it as an object in my mongodb database.
So users can see this on the frontend and invalidate sessions remotely.
r

rp

05/16/2023, 3:06 PM
right. You can do that still. Once users login via supertokens, you can override the create new session function on the backend to insert stuff into mongodb yourself.
s

Smultar

05/16/2023, 3:07 PM
I see that right here
r

rp

05/16/2023, 3:07 PM
yup.
s

Smultar

05/16/2023, 3:09 PM
If this works, I'll be able to convince my boss at work to let us swap our application login system.
r

rp

05/16/2023, 3:09 PM
sounds good.
Let us know if you have any other questions.
s

Smultar

05/16/2023, 3:09 PM
I always like to experiment first with my own stuff before recommending ya know
r

rp

05/16/2023, 3:09 PM
after you have tried it out 🙂
s

Smultar

05/16/2023, 3:10 PM
I will! Thank you for handling my silly questions @rp
r

rp

05/16/2023, 3:10 PM
for now, i have cancelled our call cause i think this answered your questions already. Hope that's ok
s

Smultar

05/16/2023, 3:10 PM
Thats fine!
So you know what im working on
My desktop application will support my app locally and allow privillaged intent for downloads and etc.
r

rp

05/16/2023, 3:11 PM
cool!!
s

Smultar

05/16/2023, 3:11 PM

https://cdn.discordapp.com/attachments/1108040956239941775/1108049200970743839/image.png

r

rp

05/16/2023, 3:11 PM
let us know when launched
s

Smultar

05/16/2023, 3:12 PM

https://cdn.discordapp.com/attachments/1108040956239941775/1108049224215564368/image.png

Were already partially live
r

rp

05/16/2023, 3:12 PM
looks quite fancy!
s

Smultar

05/16/2023, 3:12 PM
You can see the status here
and the app here.
I still have a few more patches till its stable, but its a work in progress.
I do have one more question.
If I have multiple sub-domains... would that affect authentication ?
I guess, it would, cause cookies are per sub-domain?
r

rp

05/16/2023, 3:14 PM
You can share one session across sub domains or keep them isolated to one sub domain.
s

Smultar

05/16/2023, 3:14 PM
OOO
THAT GOD TIER
Were can I read up on this @rp, in the docs?
s

Smultar

05/16/2023, 3:16 PM
Now to do that effectivetly. Would I need to have a seperate microservice or can each server have their own nextjs middleware?
r

rp

05/16/2023, 3:16 PM
im not sure i understand the question
s

Smultar

05/16/2023, 3:17 PM
So basically.
I have live, beta, dev and preview versions of the website. Each version is for testing and phases of development.
Each server, handles their own login system right now with next auth, so unique per sub domain.
If I were to use
.aetherlink.app
as the documentation states. I would be integrating SuperTokens into each instance.
r

rp

05/16/2023, 3:19 PM
yea i mean different dev envs should have their own full setup of supertokens
s

Smultar

05/16/2023, 3:19 PM
Would this mess with that, or would you advise a separate service?
r

rp

05/16/2023, 3:19 PM
in our managed service, we provide you with a dev and prod env. If you want more, you can request us for more envs (at a cost though)
or self host the extra cores yourself connected to mysql / psql
s

Smultar

05/16/2023, 3:21 PM
Can I buy you a coffee for your time @rp
r

rp

05/16/2023, 3:25 PM
tweet about us instead 🙂
s

Smultar

05/16/2023, 3:25 PM
I will