rp
03/26/2020, 5:29 AMgetSession
function.
Since yours is a mobile app, UNAUTHORISED
should send session expired status code (440). In this case, the frontend SDK will throw this status code to your code and then you can take the user back to the login screen.
In case of TRY_REFRESH_TOKEN
, you also need to send 440. The frontendSDK will take care of calling your refresh API and regenerating the session.
If you want to test your middleware via postman, then you have to first create a session by calling you login API. That will return a few tokens (in headers and cookies). You must then pass those tokens to any of your APIs that you this middleware as cookies and headers. Which token goes where can be seen here: https://supertokens.io/docs/nodejs/usage-without-express/verify-session
You can recreate tables without the need for a new license. However of course, your data will be lost.
For options API, you can have something like app.options("*", function...)
. Using *
should make all OPTION calls go to this API. However, you will have to make Access-Control-Allow-Methods
POST
, GET
, etc... depending on how many types of APIs you have.