https://supertokens.com/ logo
Join Discord
Powered by
Hi. In my nestjs app, i have implemented the auth ...
# support-questions-legacy
a
Hi. In my nestjs app, i have implemented the auth guard. After a successfull login, at the next reuqest, my 
response.headersSent
is true and the user get redirected to login. So I guess that the verifySession is failed but i dont have info why it was failed even though the original login was successfull. the err is not set:
Copy code
await verifySession()(request, response, (res) => {
      err = res;
    });
how can I debug and understand why am i getting redirected to login page? Thanks
r
can you enable backend debug logs and then call the API? Also, whats the request and response headers for the API call?>
a
Hi, Thank you, this is what I see in the server side:
Copy code
com.supertokens {t: "2024-03-28T17:53:22.755Z", message: "middleware: Not handling because request path did not start with config path. Request path: /api/feed-proxy", file: "/home/avi/work/react-with-nestjs/node_modules/.pnpm/supertokens-node@16.6.5/node_modules/supertokens-node/lib/build/supertokens.js:152:26" sdkVer: "16.6.5"} +0ms
if I enter the wrong credencials, i get "Incorrect email and password combination" as expected. I am reminding the on the server side the login is successful. but I get the RESPONSE_SENT without any meaningful info. this is how I init: supertokens.init({ debug: true, supertokens: { connectionURI: process.env.SUPER_TOKENS_BASE_URL, apiKey: 'test', }, appInfo: { appName: 'Test', apiDomain: 
tenant-1.com
, websiteDomain: 
tenant-1.com
, apiBasePath: '/auth', websiteBasePath: '/', }, ....
r
so that error is only sent when the verifySession session function is called right? And that is called when your API is called. So, can I see all the log output from when you call your API?
and also, the HAR file of the API calls on chrome please.
a
Here is the full log, which you can see that the api call get blocked.... https://pastebin.com/0ggjMiaz
r
Have you added the supertokens exception handler as shown in the docs? https://supertokens.com/docs/thirdpartyemailpassword/nestjs/guide#exception-filter
and made sure that it is run after your API routes?
a
I have implemented somehitng similar since I have more needs, but the basic of your code is implemented. this is an example of exception caught in the interceptor, this error is related to ST
r
can you send it without the popup?
a
Copy code
export class AllExceptionsFilterImpl implements ExceptionFilter {
  private readonly logger = new Logger(AllExceptionsFilterImpl.name);
  constructor() {}

  catch(error: any | Error, host: ArgumentsHost) {
    console.log('error', error);
    const ctx = host.switchToHttp();

    const resp = ctx.getResponse();
    if (resp.headersSent) {
      return;
    }

    let code;
    const res: any = {};
    const httpRes = host.switchToHttp().getResponse();
    let data = '';
    try {
      const log = error;
      if (error.message) {
        log.message = error.message;
        log.stack = error.stack;
      }
      this.logger.error(JSON.stringify(log));

      let message = '';
      if (error instanceof WebError) {
        code = error.responseCode;
        message = error.message;
      }
      if (error.response) {
        code = error.response.statusCode || error.response.status;
        data = error.response.errors;
        message = error.response.message;
      }

      res.data = data;
      res.errorMessage = message;
      res.errorStack = error.stack;
    } catch (e) {
      this.logger.error(e, { message: 'Error in error interceptor' });
    }
    httpRes.status(code || HttpStatus.INTERNAL_SERVER_ERROR).json(res || {});
  }
}
(Thank you for the supprt effort)
r
do you have the 
@Catch(STError)
annotaion on top of this class?
oh. I see a console log in this.. thats whats priting it out.
So this error is thrown by our auth handler, and then the exception handler catches and ignores it (cause the response is already sent)
a
Im sorry, I dont get it yet... On localhost it works, but when I switch to use a domain it fails. This means that the interceptor is probably fine
r
so whats the issue that you are having?
just that the verifysession is failing right?
a
After a successfull login, I see the inner page for a second and immedietly I get disconnected
r
its cause the access token is not being passed in the request
whats the sign in API response header?
a
again, its like the cookey get lost
r
send me a screenshot of how you see it on chrome?
a
the login response?
r
yea
a
moment pls
r
whats the orange triangle say?
a
I think this is the problem, it is because on local I dont have ssl then the chrome policy is not saving the cookie. I will try to handle it and let you know. Thanks again for the time!
r
cool
a
On local, can I tell ST not to render the "secured" attribute in the cookie?
r
yea, you can set cookieSecure: false in session.init on the backend.
a
Working! I really really appreceate your kind help
7 Views
PreviousNext
Powered by