https://supertokens.com/ logo
Join Discord
Powered by
Hi <@498057949541826571> ```async validateUserCod...
# general
a
Hi @rp_st
Copy code
async validateUserCode(userCode: VerifyCodeDto, res: any, id: RecipeUserId, userId: string) {
    const verified = await consumeCode({
      preAuthSessionId: userCode.preAuthSessionId,
      deviceId: userCode.deviceId,
      tenantId: TENANT_PUBLIC,
      userInputCode: userCode.userInputCode,
    });
    if (verified.status == RESPONSE_STATUS.OK) {
      await deleteUser(verified.user.id, true);
      if (verified.user.emails.length > 0) {
        const update = await updatePasswordlessUser({
          recipeUserId: id,
          email: verified.user.emails[0],
        });
        const tokenRes = await EmailVerification.createEmailVerificationToken(
          TENANT_PUBLIC,
          id,
        );
        if (tokenRes.status === RESPONSE_STATUS.OK) {
          await EmailVerification.verifyEmailUsingToken(
            TENANT_PUBLIC,
            tokenRes.token,
          );
        }
        const metaData = await UserMetadata.getUserMetadata(userId)
        const existingMetaData = metaData.metadata
        if(!existingMetaData?.username){
          existingMetaData.username = verified.user.emails[0].split('@')[0]
          await UserMetadata.updateUserMetadata(userId,existingMetaData)
        }
        await 
        res.status(HttpStatus.OK).send(update);
      } else if (verified.user.phoneNumbers.length > 0) {
        const update = await updatePasswordlessUser({
          recipeUserId: id,
          phoneNumber: verified.user.phoneNumbers[0],
        });
        res.status(HttpStatus.OK).send(update);
      }
      return;
    }
    res.status(HttpStatus.UNAUTHORIZED).send(verified);
    return;
  }
I am trying to update the users email/phoneNumber with the existing session, now i want that once the user is updated then a new access and refresh token should be assigned. how can i achieve thsi
r
hey @anurag06557 call the create new session function
a
also,Sometimes when a token expires for getting user details, I try to get a new one with a refresh token endpoint, but sometimes I get a response for the refresh token as "unauthorized" or "token theft ". What is an ideal way to handle this and get the user details seamlessly? this we are facing more occasionally, any specific reason or solution that can be implemented
r
you shouldnt ahve to manually call the refresh api. Our frontend sdk interceptors should do it for you
im not sure about your setup, so i can't really help much here. But see our docs / example apps.
Good luck!
4 Views
PreviousNext
Powered by