Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Title
c
Chunkygoo
10/18/2022, 5:46 AMI am getting an error when I do not explicitly set cookie_domain="localhost"
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "middleware: Started", "file": "supertokens.py:536"}
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "middleware: Not handling because request path did not start with config path. Request path: /users/interest/1", "file": "supertokens.py:543"}
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "getSession: Started", "file": "recipe/session/recipe_implementation.py:241"}com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "getSession: rid in header: False", "file": "recipe/session/recipe_implementation.py:243"}
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "getSession: request method: DELETE", "file": "recipe/session/recipe_implementation.py:246"}
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "getSession: Value of doAntiCsrfCheck is: True", "file": "recipe/session/recipe_implementation.py:280"}
com.supertokens {"t": "2022-10-18T05:44:50.763Z", "sdkVer": "0.11.0", "message": "getSession: Returning TRY_REFRESH_TOKEN because custom header (rid) was not passed", "file": "recipe/session/session_functions.py:150"}
com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: Started", "file": "supertokens.py:610"}
com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: Error is from SuperTokens recipe. Message: anti-csrf check failed. Please pass 'rid: "anti-csrf"' header in the request, or set doAntiCsrfCheck to false for this API", "file": "supertokens.py:611"}
com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: Checking recipe for match: session", "file": "supertokens.py:622"}
com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: Matched with recipeID: session", "file": "supertokens.py:628"}
com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: returning TRY_REFRESH_TOKEN", "file": "recipe/session/recipe.py:245"}
com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "Sending response to client with status code: 401", "file": "utils.py:134"}If I set cookie domain it works just fine
nextjs frontend sending a request to a protected api
r
rp
10/18/2022, 6:10 AMlocalhost is not a valid value for cookie_domain
c
Chunkygoo
10/18/2022, 6:17 AMWhen I add it, it works
if i do not add it, it fails
r
rp
10/18/2022, 6:27 AMright. My bad. Then you should add it
c
Chunkygoo
10/18/2022, 6:29 AMShouldn't supertokens work without adding it?
r
rp
10/18/2022, 6:30 AMwell, if you want to share cookies across different localhost ports, you need to add it
c
Chunkygoo
10/18/2022, 6:39 AMI see
So using different ports mean I would have to add it?
what about in prod where I have www.x.com and api.x.com
r
rp
10/18/2022, 6:40 AMthen you will have to add
.x.comas the value of
cookie_domainc
Chunkygoo
10/18/2022, 6:44 AMBut www.x.com is not using cookie_domain though
I decided to give up server side rendering and only use client side rendering for auth-needed actions
If I do not add a cookie domain, the default which is api.x.com will be used. And the cookies will be sent by the browser to api.x.com right?
r
rp
10/18/2022, 6:46 AMyes
c
Chunkygoo
10/18/2022, 6:48 AMBut on localhost that is not the case?