https://supertokens.com/
Join Discord
hello, <@498057949541826571> , I have multiple frontends, and they are entirely different base doma...
# general
t
hello, @rp_st , I have multiple frontends, and they are entirely different base domains, how can I make supertokens work? I already used header based auth. The point is multiple frontend uses the same project, means same supertokens config.
r
hey @tomita0022 will these domains have a login UI in their own website? Or a common login Ui?
t
have their own login ui
r
yea, so you can just init our frontend sdk in each of the websites and use that to talk to the same apiDoamin (make sure to use header based auth)
t
thank you @rp_st
hey @rp_st , when i config with the origin in appInfo config, instead of websiteDomain, the origin function is called for every request?
there's 
console.log
but not logged actually.
r
Well, it’s called whenever you login and stuff. Not every request though.
Make sure you are using a version of the node SDK which actually has that property. See the types in our SDK
t
I can see it's defined.
r
Right. So it will be called during sign in for example
If it’s not. Maybe you haven’t pushed your code, or if you have multiple inits on the backend, that could be an issue too. Not sure
t
multiple inits? how can i do it? calling 
supertokens.init
for each frontend, different domain?
r
no i mean if you have done supertokens.init multiple times on the backend.
and if you have changed the config of the second init.. it wont be picked up at all.
t
I did supertokens.init multiple times, because supertokens backend has to deal with different frontend domains. Each config has different front, back end base urls, and different cookie domain. is it alright?
r
right yea. So remove all of them and just put one
and in that one init, use the origin function
and then you will see that the origin function will be called
t
if i put one, how can i handle different cookie domains?
r
you dont need to
cookie domain is related to the api domain.
Whereas you have multiple frontend domains right?
you dont need to set cookieDomain explicitly anywy
t
i have to set cookieDomain explicitly, because there're 2 backends, one for supertokens - auth, one for business logic. Root domain of those 2 backends is not the same. lol.
r
ah well. Then using cookie based auth will not work anyway
use header based auth instead
t
i already used.
r
so then you dont need to set cookieDomain
t
omg, i used header based auth, but there's no authorization header in request.
r
are you querying the configured api domain in this request? Or the other backend domain?
t
other backend domain.
r
right. So see this: https://supertokens.com/docs/session/common-customizations/sessions/disable-interception Butinstad of disabling the interception, return true when the input apiDomain points to your other domain
something like this:
Copy code
Session.init({
    override: {
        functions: (oI) => {
            return {
                ...oI,
                shouldDoInterceptionBasedOnUrl: (url, apiDomain, sessionTokenBackendDomain) => {
                    if (apiDomain === "my other backend") {return true}
                    return oI.shouldDoInterceptionBasedOnUrl(url, apiDomain, sessionTokenBackendDomain);
                }
            }
        }
    }
})
t
when 
shouldDoInterceptionBasedOnUrl
is called?
r
everytime you make an api call from the frontend
t
thx a ton, it works,
9 Views
PreviousNext
Powered by

SuperTokens.com

SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

Powered by