https://supertokens.com/
Join Discord
Hello, I am having an issue that I don't really know how to articulate. Signing out is not revoking...
# support-questions-legacy
u
Hello, I am having an issue that I don't really know how to articulate. Signing out is not revoking the session like it was yesterday. I will post screenshots in the thread Managed core v5 btw
r
hey @.clicks can you show the signout API request and response headers?
u
r
can you enable backend debug logs and show the log output when the sign out API is called?
u
Sorry, I am unsure where to put this
Copy code
SET SUPERTOKENS_DEBUG=1
python app.py
nvm I was confused for a sec. Here are the logs when I attempt a signout
r
can you show me all of the request headers in the sign out API please? The previous one was just a small part of it
u
ofc
r
are you using header based or cookie based sessions?
u
cookie
r
then how come you have the 
st-access-token
in the cookie store on the frontend?
cause that's only set for header based auth
also, can you copy / paste the value of sAccessToken in the cookies here?
u
eyJraWQiOiJkLTE2OTEwMjA3MjgxOTMiLCJ0eXAiOiJKV1QiLCJ2ZXJzaW9uIjoiMyIsImFsZyI6IlJTMjU2In0.eyJpYXQiOjEuNjkxNDI2MjIyRTksImV4cCI6MS42OTE0Mjk4MjJFOSwiYW50aUNzcmZUb2tlbiI6bnVsbCwic3ViIjoiMGI5NzY2YmEtZjkxMy00M2ZmLWIyOGItZDU1ZTkwNjUwNWI1IiwiSW5fR2FtZSI6eyJSb2xlIjoiR00iLCJHYW1lIjoiMSIsIlBhcnR5IjoiTm9uZSJ9LCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwMDEvYXV0aCIsInNlc3Npb25IYW5kbGUiOiI1MjlmMTEzMC1kMjhlLTQxY2QtODBiNC1kNWVhMTZiYWMzOWEiLCJwYXJlbnRSZWZyZXNoVG9rZW5IYXNoMSI6IjllYTZhYWE5Yjg5MTgyZDFjNmYyZWY0MTNiNDk2MWI5YmFlN2IwZmNkYjMwNGUzMTNlOGYyYTE3MWFiZTliMDMiLCJlbWFpbCI6ImV4cGxvaXRlckBiYXIuY29tIiwicmVmcmVzaFRva2VuSGFzaDEiOiI5MDU0ZjczOThlNGUyOTRhYTVlYWZkOGJkNzdjYmQ1YjU2NjY2MzlmNmYxMmRkNDliZjBiMmIzYjYxOThjYjAxIiwidXNlcm5hbWUiOiJleHBsb2l0QWNjb3VudCJ9.tyDOd3sdkdu7BQDBiUxEUI70fbBgvsxuZpp6I-wYY7PHopGh6F-NlC2Y2BOgQnX5f44LtvliEodG_l0uS1HE54DwRIaM5omSfrv16PqYNWrrP2dsv8anLYiyPH2KJKOBKUx70SKkts_N6Z64igtHwUGI8hcZkWv_JaSY3073gHuQAzdHUMUEhxLE57SGUVL7SQrUdKZDmA7r1VyQTLYUCEyHkpk9ZVSKCLL1acFuAytSHLnty-ic67SdACCgmyW3w69ZqRPm635GCf_FBdWHj7zDW1CGTmLAAVhODmQCJZ5GiGKb8JAhKYadkln5T1_NEdcxVuf0DQyMdw1cOIVHtg
r
which version of the node sdk are you using?
u
0.31.5
r
the node sdk?
that doesn't seem like the right version.
check again pls.
oh right. You are using python
ok.
sorry, misunderstood
u
sorry, do you want the python sdk version?
r
are you using 2 backend SDKs of ours?
u
no, only python i misinterpreted what you were asking for
r
right ok
u
the sdk we're using for our backend is supertokens-python 0.13
r
ok i'll have to investigate this. Give me sometime.
u
got it, thank you very much!
r
@KShivendu please help here.
k
@.clicks send a latest access token please.
the previous one expired.
u
sure thing
eyJraWQiOiJkLTE2OTEwMjA3MjgxOTMiLCJ0eXAiOiJKV1QiLCJ2ZXJzaW9uIjoiMyIsImFsZyI6IlJTMjU2In0.eyJpYXQiOjEuNjkxNDMxNzkxRTksImV4cCI6MS42OTE0MzUzOTFFOSwiYW50aUNzcmZUb2tlbiI6bnVsbCwic3ViIjoiMGI5NzY2YmEtZjkxMy00M2ZmLWIyOGItZDU1ZTkwNjUwNWI1IiwiSW5fR2FtZSI6eyJSb2xlIjoiR00iLCJHYW1lIjoiMSIsIlBhcnR5IjoiTm9uZSJ9LCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwMDEvYXV0aCIsInNlc3Npb25IYW5kbGUiOiI1MjlmMTEzMC1kMjhlLTQxY2QtODBiNC1kNWVhMTZiYWMzOWEiLCJwYXJlbnRSZWZyZXNoVG9rZW5IYXNoMSI6IjkwNTRmNzM5OGU0ZTI5NGFhNWVhZmQ4YmQ3N2NiZDViNTY2NjYzOWY2ZjEyZGQ0OWJmMGIyYjNiNjE5OGNiMDEiLCJlbWFpbCI6ImV4cGxvaXRlckBiYXIuY29tIiwicmVmcmVzaFRva2VuSGFzaDEiOiIzNjRiNGYxMzEwZWE4NTE4MDdjYTQ1NGVjMmMxZGYyYWJjOTJiZWMzZmE2YzYxOTk0MDU3OWQxN2Q2ODAyZmFkIiwidXNlcm5hbWUiOiJleHBsb2l0QWNjb3VudCJ9.Y7sGkxEDB7sCpyU_PlGlvzaD5j60seXUDD7fbVJEYHxC-bo6tTmNFkaEYy45bZjyYLJTA9-u3w7oAzO_LOImYVvY7adBsJL640TukOGsfVsoIehQ-QUrrH6BLsIQbsrb_31lUT_RxX-b2O8hotl5bPkEeDampmfBgVfhPyRvmLZfBgtfmP7qlbBjOc7NfYGJSL-1Uiu9gNxp0PLHY4izDGJH-tyJemOSCEJagxnN08Z7TG7P1at5T8wLc00JS0NmiMEgjRscZ58oOhJoFYlV3xyE61fMOnWAOhJYQnpjQQVN-ElaibSsBAEr1KqDhy2ZcnJNGM6J8LZGTNgdoEqUIg
k
Okay. Basically it's throwing Exception: jwt header mismatch
Your header is:
Copy code
{
  "kid": "d-1691020728193",
  "typ": "JWT",
  "version": "3",
  "alg": "RS256"
}
This looks like a bug in the python SDK related to 
_allowed_headers
. Give me some time to validate.
r
@KShivendu if this is a bug, please fix is ASAP. Thanks
u
Thank you, let me know if you need anything on my end
r
If you could open an issue about this @.clicks it will be easier for us and you to keep track. Thanks
u
gotcha, will do
r
u
yes! is there anything else i should include?
r
Yea, maybe an example access token (the one from above will help). Thanks
u
added đź‘Ť
good morning, @rp_st was just wondering if there were any updates on this issue? if it isn't something that is a priority right now, what would our options be to make our auth stable again? We are unable to accurately test our features and our deployed app is also suffering from this
r
hey @.clicks unfortunately, we haven't been able to replcate this issue on our end. Would you be open for a call on Monday to help debug this?
If yes, you could pick a time that works for you here: https://calendly.com/supertokens-rishabh/internal-discussion-30-mins
u
absolutely, thank you
@rp_st quick update, we were able to get our deployed build functioning by swapping to the prod. ST keys. On deployed, we are able to signout/signin, signup and send requests to protected endpoints as expected However, on our development builds we are still having the same issues. In our issue, I posted a screenshot of our development core restricting any edits to configs and clearing data. Could be related?
r
Thanks. So just to confirm, it’s working on the prod instance, but not on dev? Let’s debug on Monday!
u
@rp_st here
r
@KShivendu
hey @.clicks - the issue should be solved now. Please try logging in and loggout out when connected to the dev instance from your python backend. In case the issue persists, lmk.
u
everything is working as expected now, thank you both for your time!
4 Views
PreviousNext
Powered by

SuperTokens.com

SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

Powered by