https://supertokens.com/ logo
Title
l

Leonxx

10/06/2022, 2:27 PM
Hi. I have a problem while doing fetch from the front end to my backend I get 401 non-authorize. In docs, it said that if 8using fetch no actions are needed, what I'm missng
p

porcellus

10/06/2022, 2:28 PM
Hi. Do you have an active session on the frontend?
if so can you show me what kind headers are being sent with your fetch request?
l

Leonxx

10/06/2022, 2:33 PM
Session is active. I did check it with await Session.doesSessionExist()
I sent only content type header. I haven't found any information about header that need to be included
p

porcellus

10/06/2022, 2:36 PM
You don't need to set any headers, but there is likely a problem with the setup. What I want to make sure is that the cookies are being sent, that should help nail down the problem.
One guess is that there is an issue with api domain and/or session scope on the frontend. Have you set those appropriately?
l

Leonxx

10/06/2022, 2:40 PM
So I dont get any cookies
p

porcellus

10/06/2022, 2:42 PM
Could you show me the headers of the sign in response and the request that's failing?
are the API handling the sign in the same as the one where the request is failing?
l

Leonxx

10/06/2022, 2:43 PM
{ host: 'localhost:3000', connection: 'keep-alive', 'content-length': '100', rid: 'anti-csrf', 'user-agent': 'Mozilla/5.0 (X11; Linux aarch64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.188 Safari/537.36 CrKey/1.54.250320', 'content-type': 'application/json', accept: '*/*', origin: 'http://127.0.0.1:5173', 'sec-fetch-site': 'cross-site', 'sec-fetch-mode': 'cors', 'sec-fetch-dest': 'empty', referer: 'http://127.0.0.1:5173/', 'accept-encoding': 'gzip, deflate, br', 'accept-language': 'en-GB,en-US;q=0.9,en;q=0.8,pl;q=0.7' }
where I can get sign in headers if everything handled by supertokens library?
p

porcellus

10/06/2022, 2:47 PM
from the network tab in the dev tools
also, could you share the configs of the backend and the frontend SDK?
l

Leonxx

10/06/2022, 2:58 PM
front
back
very strange I can't sign out now) I been doing that before but now I get response 200 but I still have active session
p

porcellus

10/06/2022, 3:06 PM
can you check what cookies are set in your browser? you should a few set both on for the frontend and the backend domain.
l

Leonxx

10/06/2022, 3:08 PM
i can't check what cookies I send because I'm using passwordless auth. And requests are empty after redirection
not cookies but headers
p

porcellus

10/06/2022, 3:09 PM
You can tick "Preserve log" to keep them. it's near the top right of the network tab
So those are the frontend headers, any set for the backend domain?
l

Leonxx

10/06/2022, 3:11 PM
Btw now when I use sign out method I get more cookies....
p

porcellus

10/06/2022, 3:14 PM
Can you include the domain and path in the screenshot as well?
sIRTFrontend
showing up twice means that either the config changed or something strange is going on.
l

Leonxx

10/06/2022, 3:19 PM
this is shown after I signed in
you need response hedaers as well?
p

porcellus

10/06/2022, 3:21 PM
I'd need the response headers of the request signing you in (
code/consume
in this case)
hmm, can you hover over those yellow triangles?
oh, that's the problem
you could try and solve this by setting
cookieSameSite
in the backend config to "none", but that requires
cookieSecure
set to true which means you'd have to use https
the easier way to solve this would be to use localhost for both front and backend in local development
different ports are fine.
l

Leonxx

10/06/2022, 3:35 PM
ok now at least I can sign out)
let me try api call
yes it's working.
Sorry for that. It actually 100% my bad.
Thank you for your help!
p

porcellus

10/06/2022, 3:39 PM
happy to help 🙂 this isn't like an obvious mistake, don't worry 🙂
l

Leonxx

10/06/2022, 3:41 PM
It is because like I said before sign-in and sign-out were working. But I came back to my project after some time and my did change local host to ip address myself)
I will be implementing microservice authorization so definitely there will be some questions😀