https://supertokens.com/ logo
Title
v

vishalc

10/13/2022, 9:13 AM
I signed in successfully, then used the send verification email function, and then I got this error (calling after validation errors).
r

rp

10/13/2022, 9:31 AM
hey @vishalc
can you please enable backend debug logs and show me the output
v

vishalc

10/13/2022, 9:34 AM
Did you mean backend (node JS)debug logs?
r

rp

10/13/2022, 9:35 AM
yes
these are the frontend logs. Can you show me the backend logs?
ok so the issue is that the browser is not sending the cookies
whats the value of apiDomain and websiteDomain that you have set on the frontend and backend?
v

vishalc

10/13/2022, 11:13 AM
** Backend ********* connectionURI: "http://192.168.1.33:3567", appInfo: { https://supertokens.com/docs/thirdpartyemailpassword/appinfo appName: "demo app", apiDomain: "http://192.168.0.103:8080", websiteDomain: "http://192.168.0.105:8100", apiBasePath: "/auth", websiteBasePath: "/auth" } ** Frontend ********* appInfo: { apiDomain: "http://192.168.0.103:8080", //Backend URL apiBasePath: "/auth", appName: "Demo app", }
r

rp

10/13/2022, 11:49 AM
Can you show me the output of the set-cookies header when you call the login API? I would like to see a screenshot of them as seen on chrome
No I mean In the network tab
The sign in request
Will have set-cookies headers.
I want to see a screenshot of that
right. So you see the orange triangle next to the set-cookie?
hover on it - what does it say?
v

vishalc

10/13/2022, 12:42 PM
this attempt to set a cookie via Set-Cookie header was blocked because it had the "SameSite=Lax" attribute but came from a cross-site response which was not the response to a top-level navigation.
r

rp

10/13/2022, 12:48 PM
i see. Can you change session.init on the backend to add the
cookieSameSite: "none"
config please?
and try again
v

vishalc

10/13/2022, 1:07 PM
I'm getting the same error, and I'm using nestjs.
r

rp

10/13/2022, 1:07 PM
can i see the screenshot again of set-cookie?
can you hover on the triangle now?
you will need to use https for the apiDOmain for this to work, as the browser will not allow using cookies like this with http domain
either that, or then use the same IP for website and api domain
or don't use Ip addresses at all, and instead use domain names
v

vishalc

10/13/2022, 1:26 PM
Thanks a lot, it's working now.👍
r

rp

10/13/2022, 1:57 PM
oh nice. What did you change?
v

vishalc

10/14/2022, 10:11 AM
use the same IP for website and api domain