https://supertokens.com/
Join Discord
Menu
Home
Archive
I am getting an error when I do not explicitly set cookie_domain="localhost"
# support-questions-legacy
c
I am getting an error when I do not explicitly set cookie_domain="localhost"
Copy code
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "middleware: Started", "file": "supertokens.py:536"}

com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "middleware: Not handling because request path did not start with config path. Request path: /users/interest/1", "file": "supertokens.py:543"}

com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "getSession: Started", "file": "recipe/session/recipe_implementation.py:241"}
Copy code
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "getSession: rid in header: False", "file": "recipe/session/recipe_implementation.py:243"}

com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "getSession: request method: DELETE", "file": "recipe/session/recipe_implementation.py:246"}

com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "getSession: Value of doAntiCsrfCheck is: True", "file": "recipe/session/recipe_implementation.py:280"}

com.supertokens {"t": "2022-10-18T05:44:50.763Z", "sdkVer": "0.11.0", "message": "getSession: Returning TRY_REFRESH_TOKEN because custom header (rid) was not passed", "file": "recipe/session/session_functions.py:150"}

com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: Started", "file": "supertokens.py:610"}

com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: Error is from SuperTokens recipe. Message: anti-csrf check failed. Please pass 'rid: "anti-csrf"' header in the request, or set doAntiCsrfCheck to false for this API", "file": "supertokens.py:611"}

com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: Checking recipe for match: session", "file": "supertokens.py:622"}

com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: Matched with recipeID: session", "file": "supertokens.py:628"}

com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: returning TRY_REFRESH_TOKEN", "file": "recipe/session/recipe.py:245"}

com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "Sending response to client with status code: 401", "file": "utils.py:134"}
If I set cookie domain it works just fine
nextjs frontend sending a request to a protected api
r
localhost is not a valid value for cookie_domain
c
When I add it, it works
if i do not add it, it fails
r
right. My bad. Then you should add it
c
Shouldn't supertokens work without adding it?
r
well, if you want to share cookies across different localhost ports, you need to add it
c
I see
So using different ports mean I would have to add it?
what about in prod where I have www.x.com and api.x.com
r
then you will have to add 
.x.com
as the value of 
cookie_domain
c
But www.x.com is not using cookie_domain though
I decided to give up server side rendering and only use client side rendering for auth-needed actions
If I do not add a cookie domain, the default which is api.x.com will be used. And the cookies will be sent by the browser to api.x.com right?
r
yes
c
But on localhost that is not the case?
69 Views
PreviousNext
Powered by

SuperTokens.com

SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

Powered by