kalibcheil0320
04/08/2022, 4:22 PM"try refresh token".
and every other endpoint works well.
But if I comment the verifySession()
in production I can create the user.rp_st
04/08/2022, 4:25 PMrp_st
04/08/2022, 4:25 PMrp_st
04/08/2022, 4:25 PMkalibcheil0320
04/08/2022, 4:25 PMrp_st
04/08/2022, 4:25 PMrp_st
04/08/2022, 4:25 PMkalibcheil0320
04/08/2022, 4:25 PMrp_st
04/08/2022, 4:26 PMDEBUG=com.supertokens node index.js
rp_st
04/08/2022, 4:26 PMkalibcheil0320
04/08/2022, 4:27 PMkalibcheil0320
04/08/2022, 4:33 PMkalibcheil0320
04/08/2022, 4:33 PMrp_st
04/08/2022, 4:34 PMrp_st
04/08/2022, 4:34 PMhttp://localhost:3000
. Is that intentional? Shouldn't prod API server have a domain like https://api.dr.cheil.cloud/
or something?rp_st
04/08/2022, 4:36 PMkalibcheil0320
04/08/2022, 4:37 PMkalibcheil0320
04/08/2022, 4:38 PMkalibcheil0320
04/08/2022, 4:38 PMrp_st
04/08/2022, 4:38 PMrid: "anti-csrf"
as a header in your requestkalibcheil0320
04/08/2022, 4:40 PMkalibcheil0320
04/08/2022, 4:40 PMkalibcheil0320
04/08/2022, 4:40 PMrp_st
04/08/2022, 4:40 PMrid: "anti-csrf"
. Since this is missing from the postman request, the verifySession rejects the request (for security)rp_st
04/08/2022, 4:40 PM