https://supertokens.com/
Join Discord
hi, i'm having a hard time getting 'supertokens-website' to work, help please 😅 `attemptRefreshing...
# support-questions-legacy
y
hi, i'm having a hard time getting 'supertokens-website' to work, help please 😅 
attemptRefreshingSession
and 
doesSessionExist
keep returning 
false
Copy code
ts
const api = axios.create({ baseURL: '/api', timeout: 5_000 });
SuperTokens.addAxiosInterceptors(api);

SuperTokens.init({
  apiDomain: 'http://localhost:3000',
  apiBasePath: '/api/auth',
});

async function signIn(form) {
  const res = await api.post('/auth/signin', form); 
  // {"status":"OK","user":{"email":"test@gmail.com","id":"de770ff7-4524-4108-994f-717c1d12bec4","timeJoined":1650956757303}}
  // the set-cookie headers are also present, and cookies are saved correctly

  const attemptRefreshingSession = await SuperTokens.attemptRefreshingSession();
  const doesSessionExist = await SuperTokens.doesSessionExist()
  console.log(attemptRefreshingSession, doesSessionExist); // false, false
}
r
hi, i'm having a hard time getting 'supertokens-website' to work, help please 😅 
attemptRefreshingSession
and 
doesSessionExist
keep returning 
false
Copy code
ts
const api = axios.create({ baseURL: '/api', timeout: 5_000 });
SuperTokens.addAxiosInterceptors(api);

SuperTokens.init({
  apiDomain: 'http://localhost:3000',
  apiBasePath: '/api/auth',
});

async function signIn(form) {
  const res = await api.post('/auth/signin', form); 
  // {"status":"OK","user":{"email":"test@gmail.com","id":"de770ff7-4524-4108-994f-717c1d12bec4","timeJoined":1650956757303}}
  // the set-cookie headers are also present, and cookies are saved correctly

  const attemptRefreshingSession = await SuperTokens.attemptRefreshingSession();
  const doesSessionExist = await SuperTokens.doesSessionExist()
  console.log(attemptRefreshingSession, doesSessionExist); // false, false
}
Hey @yzs
Can you enable debug logging in the backend SDK and show the output when you make the signin api call?
y
i'm using docker-compose for the backend sdk, trying to set env like this, but it does not seem to work
Copy code
DEBUG: com.supertokens
SUPERTOKENS_DEBUG: '1'
@rp_st
i think this is what you asked for @rp_st
message
r
not these logs. The logs that the python process produces.
Which version of the python SDK are you using?
y
i'm not sure, but i'm using docker image registry.supertokens.io/supertokens/supertokens-postgresql
and supertokens-node@9.2.0
Copy code
You are using SuperTokens Community
SuperTokens Core version: 3.12.1
Plugin Interface version: 2.13.0
Database Plugin name: postgresql
Database Plugin version: 1.15.0
Java version: OpenJDK 15.0.1
Installation directory: /usr/lib/supertokens
here are the logs you asked @rp_st
one more thing - everything seemed to work for a couple of times after i restart my laptop, maybe it's some kind of security thing for too many refresh attempts?
r
whats the logs that you get when you start the server?
y
r
whats the response headers from the sign in API?
Can I see a sreenshot of it?
y
r
the headers
y
request headers POST /api/auth/signin HTTP/1.1 Accept: application/json, text/plain, / Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9,ru-KZ;q=0.8,ru;q=0.7 Cache-Control: no-cache Connection: keep-alive Content-Length: 95 Content-Type: application/json Cookie: sIRTFrontend=remove; sAccessToken=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0%3D.eyJzZXNzaW9uSGFuZGxlIjoiYTY0ZjQ1NzEtY2ZlZi00MWQ2LWIwZTUtNmM4MTFiYjdjM2NjIiwidXNlcklkIjoiZGU3NzBmZjctNDUyNC00MTA4LTk5NGYtNzE3YzFkMTJiZWM0IiwicmVmcmVzaFRva2VuSGFzaDEiOiI1OGM4YTAyZDM4NTcwYjhmZDM0ZWJiYmMxOWNjZDdmM2YyMjFjMTczYjIwMThiZmYyYTFiOGM0YzNhOWY0Zjk1IiwidXNlckRhdGEiOnsic29tZUtleSI6InNvbWVWYWx1ZSJ9LCJleHBpcnlUaW1lIjoxNjUwOTcyMzEyNDM2LCJ0aW1lQ3JlYXRlZCI6MTY1MDk2ODcxMjQzNiwibG1ydCI6MTY1MDk2ODcxMjQzNn0%3D.NuuVmjrvQZyvdP9Y%2BuhGagFz4n998%2F7WbPTbynuJ4dL4e6koqEiRHE7wIEIRFIP52paFRNw6SzZ%2F0BAvaKPkFfFgx7JIf6CODHOBP278Qdc15llRhxVcRgE3HxW8tDXWuzYufoaoHiTntmZk%2B2D0HxGMrh%2Fv7%2Fz%2BXm5aQU%2FZs29LGt3DPZuIhFfcRa3mYxyq5cDmRTAex4NZl5rpEc3GGgp9sZFi3Z9jDWDVnAIomE8XCjxyqeEF6w%2BLW8S5xMXiLuiHSdlAfb5u86PgcDW4N9pIQGxOxe9Ew%2FGiHEXBSkcTD%2B9t5QstTuQZrYZDmFsPd0fdDA%2FQm4v8RGr3yLLBzQ%3D%3D; sIdRefreshToken=39efd9e7-ce88-49e4-990c-248113926edc Host: localhost:4000 Origin: http://localhost:4000 Pragma: no-cache Referer: http://localhost:4000/login Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Google Chrome";v="100" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows"
response headers HTTP/1.1 200 OK access-control-allow-origin: http://localhost:4000 x-powered-by: Express vary: Origin access-control-allow-credentials: true front-token: eyJ1aWQiOiJkZTc3MGZmNy00NTI0LTQxMDgtOTk0Zi03MTdjMWQxMmJlYzQiLCJhdGUiOjE2NTA5NzI0MTQ5ODEsInVwIjp7InNvbWVLZXkiOiJzb21lVmFsdWUifX0= access-control-expose-headers: front-token, id-refresh-token set-cookie: sAccessToken=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0%3D.eyJzZXNzaW9uSGFuZGxlIjoiOGE4Yjc1MjktZDlhMi00ZTVmLTk2ZjYtNWQyMjk3MTI1ZDU2IiwidXNlcklkIjoiZGU3NzBmZjctNDUyNC00MTA4LTk5NGYtNzE3YzFkMTJiZWM0IiwicmVmcmVzaFRva2VuSGFzaDEiOiI2MzJkZjJkNTZhNDYwZjVhNDc1ZDEwZmNiMDRjYmY5OTY5NTU2OGZjYjIwZDRhMmZiNDk2NmI0N2NhZTQzNTU1IiwidXNlckRhdGEiOnsic29tZUtleSI6InNvbWVWYWx1ZSJ9LCJleHBpcnlUaW1lIjoxNjUwOTcyNDE0OTgxLCJ0aW1lQ3JlYXRlZCI6MTY1MDk2ODgxNDk4MSwibG1ydCI6MTY1MDk2ODgxNDk4MX0%3D.W1u%2BRuSuK%2F8EwfXra81I1o%2BbocwGNanwg4rtGtu85CM4f0q1he2Xh723Ei83t5SeDqHy96mnRiSaetjkztH%2BBrlHBiK6NlTwzBpTID8SVr517k6ajPoTuAMoVWoXjh7%2BQB%2FraA04825UNWdO8NgLl21xIc2ODy4pKs7RCCivGsWF2k8LDggKzE8mkXeTR1aqpaFuMa6h26qkzJ1vJwyeoTATKNjzaibl%2BdADGpBDowbfKk%2Fgc7Pa9me%2B7H%2BxHRwZjG2Cr6oAXKwf6vwVTjzS%2B6ZBXW5ZLDRQyhUl0L9QmPLHArX3HiyQlC51as94FHlAVgah%2BzgG6mdfDdnQ3DHlCQ%3D%3D; Path=/; Expires=Tue, 26 Apr 2022 11:26:54 GMT; HttpOnly; SameSite=Lax set-cookie: sRefreshToken=5tDwjdwF222%2FEZGgzzCuUdVxBcvx82%2By%2FeEUqH4Vyvu%2FukrpJn9Kab1tUsfh5LhU3eZk6COeT%2FCgzzctss%2FwdneQEhovBSKVZH3TIj8TX0D%2Bl2wWshgxZwFd1fzGwRYa2mMNydm1HbjRcVOoyP3C8QY%2B3zGxdCoK9pE90ulhCRl8dOMHiuZcDke0BDyUhoIO8z0gVT9t0XepXVd2sFo15DimuZUI9lkuTs3xRIEW9FAw%2BCODObVgFuWPeGBHNYfzMA3jpgF0b81i2s6o4gNI.57ccab65e879af0381f7dc28991906597742bfa2a53ff3a936804317b0377093.V2; Path=/api/auth/session/refresh; Expires=Thu, 04 Aug 2022 10:26:54 GMT; HttpOnly; SameSite=Lax set-cookie: sIdRefreshToken=bfe1f040-7d3f-451c-86b5-b7612ac874c8; Path=/; Expires=Thu, 04 Aug 2022 10:26:54 GMT; HttpOnly; SameSite=Lax id-refresh-token: bfe1f040-7d3f-451c-86b5-b7612ac874c8;1659608814981
r
hmm so that seems fine
Is there any orange triangle at the end of the "set-cookie" header?
y
no, cookies work fine, i checked the cookies tab in devtools too
r
Can you send a screenshot of the cookies tab after calling the sign in API?
y
wow, funny thing, if i clear all cookies before making a signin request it all starts working
r
huh.....
y
r
that seems about right
y
ok, that prev screenshot is when it's working
r
delete the sAccessToken only, then make an API call that requires session verification and see if it successfully refreshes it?
y
but then this cookies only are present when it does not work
r
so the frontend thinks that the session deosn't exist
that can happen if you have not added the interceptors when making the call to the login API
i see that in the code you have added interceptors, but is there any other instance where you are logging in and you haven't added interceptors?
y
no, i use only this axios instance
r
hmm
y
also when everything works (when i clear the cookies before request) backend sees the session
but when it doesn't work the backend does not see the session too
r
so when everything works, when does it stop working?
y
can you maybe tell why there are less cookies in the screenshot that i sent to you?
when i log out, and try to log back in
r
ahhh i see.
So when you logout, how are you doing that?
Also, in the screenshot you sent, there are less cookies cause the frontend thinks the session deosn't exist and has removed the frontend set cookies
y
i call SuperTokens.signOut()
r
and the response headers for that?
can i see those headers?
y
HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: http://localhost:4000 Vary: Origin Access-Control-Allow-Credentials: true Set-Cookie: sAccessToken=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; SameSite=Lax Set-Cookie: sRefreshToken=; Path=/api/auth/session/refresh; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; SameSite=Lax Set-Cookie: sIdRefreshToken=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; SameSite=Lax id-refresh-token: remove Access-Control-Expose-Headers: id-refresh-token Content-Type: application/json; charset=utf-8 Content-Length: 15 ETag: W/"f-v/Y1JusChTxrQUzPtNAKycooOTA" Date: Tue, 26 Apr 2022 10:38:35 GMT Connection: keep-alive Keep-Alive: timeout=5
r
right. So that seems fine too.. it remvoes the cokoies as expected
but the browser still keeps the cookies.
weird..
y
this is cookies after signOut()
r
so that's correect too then
so if you try to sign in now, it will not work?
y
no
doesSessionExists() returns false, but cookies are present again
r
so strange..
y
yes
so strange
r
the only explanation i have is that somehow, after sign out, the intercepor it not being applied
can you use fetch instead of api.post for the sign in call and see if this happens?
Cause if it works fro fetch, then I can be sure it's a problem with the interceptor not being applied correctly.
y
ok, i'll try that now
wow, everything works just fine
r
yeaa. So please just check if you are adding the interceptor for sure all the time
y
ok, even when searching for axios in my code i it only 4 times because i only use the instance
i guess i better use fetch for now 😅
thanks for making time to help me 🙏
r
that's.. really odd though.
axios should work just fine.. tons of our users use it.. hehe
y
omg i think i'm dumb
baseURL : '/api'
instead of 
baseURL: 'http://localhost:3000/api'
r
oh.. yea.. but then how come the sign in API was getting called?
y
bc i was using proxy earlier
r
ohhh i see.
y
idk lol
r
> bc i was using proxy earlier
y
sorry for being dumb and thanks for your time 🫂
r
hehe.. don't worry about it. Happens to the best of us 🙂
happy to help
7 Views
PreviousNext
Powered by

SuperTokens.com

SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

Powered by