https://supertokens.com/ logo
f

FrAgOrDiE

04/15/2022, 9:29 AM
Hi there, these are the cookies I have in the browser when I'm (supposed to be) signed in. https://prnt.sc/0-c7XPkIYqoh Is this correct? If yes, then why do I get this response on auth/me? https://prnt.sc/s29fUDnToVcg
r

rp

04/15/2022, 9:43 AM
hey @FrAgOrDiE
Can you enable debug logging and show me the log output of this API call?
f

FrAgOrDiE

04/15/2022, 9:50 AM
alright so here I'm having troubles aswell: I'm both starting my NestJS project with
DEBUG=com.supertokens npm start
and setting
DEBUG=com.supertokens npm start
into the .env file. And this https://prnt.sc/yfg_qLrNXo-L is the output I get. Just a normal server start without logging
I tried sending API requests to the server, still no logging
r

rp

04/15/2022, 9:50 AM
whcih version of node SDK?
f

FrAgOrDiE

04/15/2022, 9:51 AM
"supertokens-node": "^9.1.1"
r

rp

04/15/2022, 9:51 AM
use ^9.1.2
f

FrAgOrDiE

04/15/2022, 9:54 AM
ok sweet it works with npm start, can`t I set a debug flag into the code?
because only by setting the variable into .env file doesn't work
r

rp

04/15/2022, 9:55 AM
Right. You have to do it via the env var.
f

FrAgOrDiE

04/15/2022, 9:58 AM
It doesn't work like that
as you can see the env variable is taken by node
but no debug logs like this
edit: on windows it doesn't work either way, on linux it works if starting with
DEBUG=com.supertokens npm start
but it doesn't if I start with
npm start
and variable into env file
It doesn't particularly matter though. In response to your first question:
The cookies have different domains and maybe that's the issue: I'm investigating on it. Sorry for the confusion
r

rp

04/15/2022, 10:18 AM
yea. you are right. The cookies do have a different domain set.
f

FrAgOrDiE

04/15/2022, 10:30 AM
@rp, why then the cookie domain https://prnt.sc/0-c7XPkIYqoh is set to localhost? What changes this?
Same requests on postman set the cookie domain to the API base path
r

rp

04/15/2022, 10:31 AM
these are different cookies than the cookies associated with the API.
These cookies are attached to your frontend app.
It's for the frontend app to know if a session exists or not.
The cookies attached to your API domain are different, and those are for the backend to use during session verification.
f

FrAgOrDiE

04/15/2022, 10:38 AM
I get it
Do you have any idea then why auth/me gets "unauthorized"?
r

rp

04/15/2022, 10:39 AM
Can you also send the output logs for when you start the server?
And also how you are querying the API.
f

FrAgOrDiE

04/15/2022, 10:41 AM
these are server start logs
r

rp

04/15/2022, 10:44 AM
Are you setting
cookieSecure
to
false
during session.init?
f

FrAgOrDiE

04/15/2022, 10:50 AM
/consume seems to attempt set-cookie but cookies are not being set
here the /verify request
yes
on the server, yes
r

rp

04/15/2022, 10:51 AM
what does the orange triangle say next to the set cookie headers?
f

FrAgOrDiE

04/15/2022, 10:55 AM
"This Set-Cookie was blocked due to user preferences"
r

rp

04/15/2022, 10:55 AM
Can you remove the
cookieSecure: false
on the backend and try again?
f

FrAgOrDiE

04/15/2022, 11:00 AM
this is what we get not by the way
yeah, we`re now trying to deploy on the actual domain / no localhost
r

rp

04/15/2022, 11:00 AM
I mean just remove the cookieSecure flag that you set to false on the backend and it should work
even if you query from localhost, it will work.
f

FrAgOrDiE

04/15/2022, 11:01 AM
ahh ok
sweet, it works
thank you
4 Views