I'm seeing `TryRefreshTokenError: Signature has expired` being raised from the backend sometimes and...

.atambo

06/27/2023, 7:11 PM

I'm seeing

TryRefreshTokenError: Signature has expired

being raised from the backend sometimes and I'm wondering what I should do about it?

rp_st

06/27/2023, 7:13 PM

hey @.atambo

rp_st

06/27/2023, 7:13 PM

whats the error stack?

rp_st

06/27/2023, 7:14 PM

and when you get that error, does the backend send back a 401 to the frontend?

rp_st

06/27/2023, 7:20 PM

Also, it's quite late in the day for me (1 am), so i may end up responding sometime later in the day. But what would be helpful is: - Which backend sdk and backend sdk version is being used. - Which frontend SDK and frontend SDK version is being used? - Which core version is being used - Any error stack related to the above error? - Is there any way to reproduce it reliably? - When the error happens, does the backend send back a 401 to the frontend? If not, does it send a 500? If yes, does the frontend then attempt a session refresh? Thanks.

.atambo

06/27/2023, 9:07 PM

This is the stack trace:

Copy code

File 
"/opt/conda/envs/szl/lib/python3.10/site-packages/supertokens_python/recipe/session/framework/fastapi/__init__.py", line 42, in func
    session = await recipe.verify_session(
  File "/opt/conda/envs/szl/lib/python3.10/site-packages/supertokens_python/recipe/session/recipe.py", line 358, in verify_session
    return await self.api_implementation.verify_session(
  File "/opt/conda/envs/szl/lib/python3.10/site-packages/supertokens_python/recipe/session/api/implementation.py", line 90, in verify_session
    return await get_session_from_request(
  File "/opt/conda/envs/szl/lib/python3.10/site-packages/supertokens_python/recipe/session/session_request_functions.py", line 172, in get_session_from_request
    session = await recipe_interface_impl.get_session(
  File "/opt/conda/envs/szl/lib/python3.10/site-packages/supertokens_python/recipe/session/recipe_implementation.py", line 219, in get_session
    response = await session_functions.get_session(
  File "/opt/conda/envs/szl/lib/python3.10/site-packages/supertokens_python/recipe/session/session_functions.py", line 185, in get_session
    raise e
  File "/opt/conda/envs/szl/lib/python3.10/site-packages/supertokens_python/recipe/session/session_functions.py", line 153, in get_session
    access_token_info = get_info_from_access_token(
  File "/opt/conda/envs/szl/lib/python3.10/site-packages/supertokens_python/recipe/session/access_token.py", line 129, in get_info_from_access_token
    raise_try_refresh_token_exception(e)
  File "/opt/conda/envs/szl/lib/python3.10/site-packages/supertokens_python/recipe/session/exceptions.py", line 32, in raise_try_refresh_token_exception
    raise TryRefreshTokenError(ex) from None
supertokens_python.recipe.session.exceptions.TryRefreshTokenError: Signature has expired

.atambo

06/27/2023, 9:10 PM

Using fastapi middleware with the

supertokens-python

backend sdk version

0.14.6

.atambo

06/27/2023, 9:11 PM

Frontend is react native using the

supertokens-react-native

frontend sdk version

4.0.3

.atambo

06/27/2023, 9:12 PM

Not sure what the core version is

.atambo

06/27/2023, 9:24 PM

I believe the backend returns a 401 when this exception happens.

.atambo

06/27/2023, 9:24 PM

I haven't been able to reproduce it locally so I'm not sure how the mobile app frontend behaves.

.atambo

06/27/2023, 9:26 PM

So the frontend should like refresh the token or something when it gets a 401?

rp_st

06/28/2023, 4:21 AM

Yes. That should happen on its own unless there is a config issue. Are you using axios on the frontend? If yes, have you added our axios interceptors? Also, can I see the request and response headers of any API call that is protected by session verification on the backend?

.atambo

06/28/2023, 12:52 PM

I’m using fetch on the react native side of things and things do generally work. Unfortunately it seems to happen very infrequently and we do not log our HTTP headers so I don’t really know how the mobile app is behaving when this happens.

.atambo

06/28/2023, 12:53 PM

Is there a way for me to reproduce this error myself locally?

rp_st

06/28/2023, 1:01 PM

Fetch should work fine as well. So you could try this: - In the dev env, set the access token lifetime to something like 1 min in the core config. Restart the core and the python backend layer. - Login and create a new session. Make an API call from your mobile app that is protected by session verification. - Wait for 1 min (so the access token expires). - Make the same API call from your mobile app and this time, the backend should fail with a 401, and the frontend should auto refresh the session, and then call the API once again which should succeed. From the backend point of view, you will see: API call (401) -> Session refresh call (200) -> API call (200). If the above is happening, then you can ignore the

TryRefreshTokenError: Signature has expired

for now. But, just to be sure, maybe setup your backend so that the next time this type of error is logged out, you can check in your logs that the refresh API was called immediately after (which it should be).

rp_st

06/28/2023, 1:43 PM

Just checked, the error you see is cause the access token has expired. So as long as the above refresh flow works, you can ignore this error.

rp_st

06/28/2023, 1:44 PM

How come you are seeting this getting logged out? Have you enabled python backend SDK debug logging?

rp_st

06/28/2023, 4:36 PM

Unless you are working with @.atambo , can you please ask this on another thread. I would also need to know your session.init config on the frontend and backend.

rp_st

06/28/2023, 4:47 PM

Please ask on a separate thread. Thanks

7 Views

Previous Next

SuperTokens.com

SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).