Hello, I am running a setup of nest.js and hasura with supertokens thirdparty-email and sessions, my frontend is react native and we do GraphQL queries to the hasura API with Apollo except for our login that’s just a rest endpoint in our nest.js backend where we use axios. The security is setup so that hasura receives the requests and then it forwards the headers to our who-am-i endpoint that in turn extract the userID from the session with your SessionContainer class after which it refactors the headers into a format that hasura can understand and responds back to hasura with that, hasura in turn uses that for it’s query that then gets sent back to the frontend. 

All of this has been working as expected in our local development environment, but once we started hosting it things went wrong. I’ve console.logged inside of the login method in the nest.js backend to see that a correct session is returned, which it is, and we’ve used the react-native SDK to see that a session is created which it is as well as console.log() on our app context to see that the session is there as expected. But none the less no headers gets attached to our Apollo requests, does anyone have any idea what could be causing this?

 P.S I’ve also checked the instance of supertokens-core and everything seems to be working as expected there as well. What's really confusing me here is that the frontend seems to have all the data, both in the ctx and when doing checks with your SDK, but it none the less is not used in the apollo requests.

hey @Lindo (Hannes Colt)

Normally, when we host locally, but once we brought it into a kubernetes hosted dev mode they no longer get attached

what is the api domain and website domain for this new env?

SUPERTOKENS_API_DOMAIN=https://backend-dev.prima.farmo.network SUPERTOKENS_WEBSITE_DOMAIN=https://backend-dev.prima.farmo.network SUPERTOKENS_CONNECTION_URI=https://auth-dev.prima.farmo.network These are our envs, we currently don't really have a website- as we're just an application atm, as I said we use react native.

ah right

When developling locally we use http with localhost, now that we're trying to host it with kubernetes we use https

hmm. This might require some investigation from our side. React native cookie handling is strange

Okay, do you require anything from me? Any leads I could persue on my own?

Not at the moment. Will get back shortly. Maybe you can open a github issue about this in the meantime

Sure thing! 🙂 And thanks for the assistance.

and you are making requests to https://backend-dev.prima.farmo.network/ right? Do the request headers contain a

rid

header?

Checking.

hmm. This means that the SDK is not doing interception on the frontend.

The SDK config you mean?

yes

Give me 2sec! 🙂

and where are you making the request to?

oh i see. So that won't work cause the cookies are attached to https://backend-dev.prima.farmo.network/ To make this work, you should see this: https://supertokens.com/docs/thirdpartyemailpassword/common-customizations/sessions/multiple-api-endpoints

Any idea why it worked in local development? As i mentioned before hasura forwards any requests to the who-am-i endpoint in the backend, that returns the cookies in a format that hasura can handle

What was the hasura domain on local dev?

localhost:9998

right. So when using localhost, cookies are sent to all localhost domains regardless of port

Ahaaaa

but here, the domains are different.. so you need to use that config so that cookies can be shared across the sub domains

Thanks A LOT for this, been sitting with this issue for a week now xD

oh! you should have asked earlier 🙂 Anyway, lmk if this doesn't solve the problem

Will do!