Does `SuperTokens` support regular form HTTP posts? (As opposed to using json-ified data)

ITEnthusiasm

05/02/2022, 3:45 PM

Does

SuperTokens

support regular form HTTP posts? (As opposed to using json-ified data)

rp_st

05/02/2022, 3:46 PM

Not really. This will cause issues with verification of session

ITEnthusiasm

05/02/2022, 4:00 PM

Really? I would think SuperTokens would just need to read email/password from the

FormData

. I acknowledge I don't know the internals though, of course. 😅

rp_st

05/02/2022, 4:44 PM

Well.. supertokens APIs accept only JSON inputs.

ITEnthusiasm

05/02/2022, 6:50 PM

Gotcha. Well if it ever updated to also accept data from HTML Forms, that'd be super neat. The main reason is that I'm trying to figure out if there's a way to log the user in if JavaScript is disabled in the browser. If SuperTokens supported regular HTML Form posts this would be easily possible.

rp_st

05/03/2022, 4:13 AM

Ah I see. That will probably never be supported.

ITEnthusiasm

05/03/2022, 2:21 PM

Ah, rip. 😅 Okay. Well if you guys ever decide to change your minds in the future, I think it's worth considering.

Remix

is shaking things up a bit and pointing web devs back to the basics, which means we may see a time when more regular HTML Form Posts are used. (Facebook's login, for instance, uses a regular

form

with proper

method

and

action

attributes.) If that's the case and other auth services support that approach, SuperTokens will be at a disadvantage because regular forms are easier to build and don't rely on JS to work -- though they may be enhanced by JS. (As it is, if I understand correctly, users without JS cannot log into applications using SuperTokens.)

rp_st

05/03/2022, 2:25 PM

Hmmm. The issue is that the result of the sign in api call requires setting some info in the frontend cookies, which can only happen if JS is run. Maybe in the future, we can add an option to the sessions to work without any JS running on the frontend from our side. Then it would be possible

ITEnthusiasm

05/03/2022, 2:28 PM

Sounds cool! If something could work out in the future that'd be awesome! In the meantime I'll use the JS-dependent forms.

ITEnthusiasm

05/27/2022, 2:02 PM

Coming back to this briefly after several weeks. I still think it'd be great if SuperTokens supported regular forms. However, I just discovered today that I can do a regular form post the way

Remix

expects to the Remix backend, and then use the request information there to cause the server to make a request to itself for email sign up/sign in. It's a little janky since it requires the backend to call itself. 🤔 But it opens the door for logins to happen with HTML-only in the meantime. Taking notes in case anyone stumbles on this problem in the future. Been trying to create an example app for using

SuperTokens

for some isomorphic framework. But Svelte Kit has issues. And I've been jumping a few hurdles in Remix. Hopefully I can make something people here find useful in Remix land.

rp_st

05/27/2022, 2:04 PM

thank you @ITEnthusiasm

8 Views

Previous Next

SuperTokens.com

SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).