ITEnthusiasm
05/02/2022, 4:41 PMverifySession
still work correctly? 🤔 Even when I set sessionRequired: false
, I'm getting 401s.rp
05/02/2022, 4:43 PMITEnthusiasm
05/02/2022, 4:44 PMrp
05/02/2022, 4:45 PMITEnthusiasm
05/02/2022, 4:59 PMverifySession
globally.
I need to call the backend to get a webpage that will enable me to do a refresh. But I can't access that webpage because the user needs to refresh first.rp
05/02/2022, 5:01 PMITEnthusiasm
05/02/2022, 5:05 PMts
async function mySessionMiddleware(req, res) {
const session = await Session.getSession(req, res);
if (!session) throw Error("My Error");
// ...
}
And another middleware would try to catch that error?rp
05/02/2022, 5:15 PM!session
is true, it means the user is not logged in, so you can call next
in that.
You can do something like:
async function mySessionMiddleware(req, res, next) {
try {
let session = await Session.getSession(context.req, context.res)
req.session = session;
return next();
} catch (err) {
if (err.type === Session.Error.TRY_REFRESH_TOKEN) {
// send a 401 here, with some html content. On the frontend, this should call the refresh API
} else if (err.type === Session.Error.UNAUTHORISED) {
// the user is not logged in
return next();
} else {
throw err
}
}
}
Note that this should be AFTER the app.use(middleware())
where middleware
is imported from supertokens.ITEnthusiasm
05/02/2022, 5:20 PM