Channels
#support-questions
Title
p
PitchAsh
05/05/2022, 5:27 PMWe have some areas of our frontend that are accessed by anonymous users…. But since supertokens is initialised it’s just spams the refresh api route constantly. Is there a way to turn it off, or only call refresh when logged in?
r
rp
05/05/2022, 5:30 PMHey! So the problem is that it calls the refresh endpoint many times per user or once for each new user?
p
PitchAsh
05/05/2022, 5:31 PMUser is not logged in, and hasn’t yet been asked to login
r
rp
05/05/2022, 5:31 PMIt should call the refresh just once per new user then. Do you find it calling it multiple times?
p
PitchAsh
05/05/2022, 5:31 PMIts an anonymous route…. But the page has been open a couple of minutes and so far browser has spammed the refresh endpoint about 2000 times
There is no user
r
rp
05/05/2022, 5:32 PMHuh.. so there could be another issue then
p
PitchAsh
05/05/2022, 5:32 PMSo this is a page before the user is asked to login…. So it’s anonymous
r
rp
05/05/2022, 5:32 PMAftwr a refresh is called, I assume you get a 401?
And then what is in the cookie store ?
p
PitchAsh
05/05/2022, 5:33 PMI think its getting a 200 but it’s not logged in so I don’t know why it’s even calling refresh
r
rp
05/05/2022, 5:34 PMWell. The SDK called refresh if there are no cookies at all that are set. To check it a session exists or not
Cause on browsers like safari, it wipes out frontend set cookies after 7 days of inactivity
And the refresh should not return a 200 if the user is not logged in
Can you enable debug logs on the backend and show me the output of it when refresh is called?
p
PitchAsh
05/05/2022, 5:35 PMMay have been logged in before and not logged out I guess
I’ll take a look.
r
rp
05/05/2022, 5:36 PMBut then it shouldn’t be calling refresh continuously