KalibCheil
04/08/2022, 4:22 PM"try refresh token".
and every other endpoint works well.
But if I comment the verifySession()
in production I can create the user.rp
04/08/2022, 4:25 PMrp
04/08/2022, 4:25 PMrp
04/08/2022, 4:25 PMKalibCheil
04/08/2022, 4:25 PMrp
04/08/2022, 4:25 PMrp
04/08/2022, 4:25 PMKalibCheil
04/08/2022, 4:25 PMrp
04/08/2022, 4:26 PMDEBUG=com.supertokens node index.js
rp
04/08/2022, 4:26 PMKalibCheil
04/08/2022, 4:27 PMKalibCheil
04/08/2022, 4:33 PMKalibCheil
04/08/2022, 4:33 PMrp
04/08/2022, 4:34 PMrp
04/08/2022, 4:34 PMhttp://localhost:3000
. Is that intentional? Shouldn't prod API server have a domain like https://api.dr.cheil.cloud/
or something?rp
04/08/2022, 4:36 PMKalibCheil
04/08/2022, 4:37 PMKalibCheil
04/08/2022, 4:38 PMKalibCheil
04/08/2022, 4:38 PMrp
04/08/2022, 4:38 PMrid: "anti-csrf"
as a header in your requestKalibCheil
04/08/2022, 4:40 PMKalibCheil
04/08/2022, 4:40 PMKalibCheil
04/08/2022, 4:40 PMrp
04/08/2022, 4:40 PMrid: "anti-csrf"
. Since this is missing from the postman request, the verifySession rejects the request (for security)rp
04/08/2022, 4:40 PM