https://supertokens.com/ logo
Join Discord
Powered by
We have some areas of our frontend that are access...
# support-questions
p
We have some areas of our frontend that are accessed by anonymous users…. But since supertokens is initialised it’s just spams the refresh api route constantly. Is there a way to turn it off, or only call refresh when logged in?
r
Hey! So the problem is that it calls the refresh endpoint many times per user or once for each new user?
p
User is not logged in, and hasn’t yet been asked to login
r
It should call the refresh just once per new user then. Do you find it calling it multiple times?
p
Its an anonymous route…. But the page has been open a couple of minutes and so far browser has spammed the refresh endpoint about 2000 times
There is no user
r
Huh.. so there could be another issue then
p
So this is a page before the user is asked to login…. So it’s anonymous
r
Aftwr a refresh is called, I assume you get a 401?
And then what is in the cookie store ?
p
I think its getting a 200 but it’s not logged in so I don’t know why it’s even calling refresh
r
Well. The SDK called refresh if there are no cookies at all that are set. To check it a session exists or not
Cause on browsers like safari, it wipes out frontend set cookies after 7 days of inactivity
And the refresh should not return a 200 if the user is not logged in
Can you enable debug logs on the backend and show me the output of it when refresh is called?
p
May have been logged in before and not logged out I guess
I’ll take a look.
r
But then it shouldn’t be calling refresh continuously
4 Views
PreviousNext
Powered by