https://supertokens.com/ logo
m

mrserif

04/01/2022, 9:53 PM
We're using NodeJS supertokens SDK + managed service in production and as of today all backend verifySession() middleware calls are returning 401. Is something wrong with the managed service?
r

rp

04/01/2022, 9:57 PM
We're using NodeJS supertokens SDK + managed service in production and as of today all backend verifySession() middleware calls are returning 401. Is something wrong with the managed service?
Hey. Nothing in particular. Are you using self hosted? Which version of the SDK?
m

mrserif

04/01/2022, 9:57 PM
I'd upgraded to 9.1.1 with a deployment today
I tried reverting back to 8.6.0, but that's also returning 401 in verifySession
the service has worked flawlessly for us up till now
r

rp

04/01/2022, 9:59 PM
Really strange
Which recipe?
m

mrserif

04/01/2022, 9:59 PM
const { verifySession } = require('supertokens-node/recipe/session/framework/express') const EmailPassword = require('supertokens-node/recipe/emailpassword')
r

rp

04/01/2022, 10:00 PM
What does sign in return?
Can I see the response headers?
m

mrserif

04/01/2022, 10:02 PM
odd
it just came back
and is now working
r

rp

04/01/2022, 10:02 PM
Reallly strange
m

mrserif

04/01/2022, 10:02 PM
yeah, I didn't even revert anything
🤔
r

rp

04/01/2022, 10:03 PM
If it happens again, please do capture the following:
- response headers from sign in api call
- any browser console log
- any backend API error log
m

mrserif

04/04/2022, 12:13 PM
Ok, was able to reproduce this morning
r

rp

04/04/2022, 12:14 PM
alright! Tell me more please.
m

mrserif

04/04/2022, 12:14 PM
This is in localhost - not on production - but same situation seems to apply
Signin response headers ^
Following api request headers look like this
r

rp

04/04/2022, 12:15 PM
Right. I see.
m

mrserif

04/04/2022, 12:15 PM
The 401 is of course because the cookie is missing
r

rp

04/04/2022, 12:15 PM
Do you use axios or fetch?
m

mrserif

04/04/2022, 12:15 PM
Axios
happy to switch if it's causing issues
our codebase is pretty small
r

rp

04/04/2022, 12:15 PM
Added supertokens' interceptors to add axios instances?
m

mrserif

04/04/2022, 12:15 PM
yep! Flow works in general
r

rp

04/04/2022, 12:15 PM
no need to switch. Should work well with axios as well.
m

mrserif

04/04/2022, 12:16 PM
this only seems to happen in our application when you have multiple tabs / windows open and you log into different user accounts
r

rp

04/04/2022, 12:16 PM
from the request headers, it seems that the interceptor was not applied
m

mrserif

04/04/2022, 12:16 PM
I was testing across a couple different organizations when the reproducer occurred
So I'm guessing I'm not handling logout correctly
or doing session invalidation properly?
r

rp

04/04/2022, 12:16 PM
are you querying an API that is != to the apiDomain value in supertokens.init?
m

mrserif

04/04/2022, 12:16 PM
nope, that doesn't ever change
r

rp

04/04/2022, 12:17 PM
huh.. can we get on a quick call to debug this?
m

mrserif

04/04/2022, 12:17 PM
sure!
I tell you what
give me a few more minutes to get a 100% reproducible flow
then we can walk through the code path
r

rp

04/04/2022, 12:17 PM
cool! lmk
m

mrserif

04/04/2022, 12:17 PM
the issue is "fixed" when I kill my browser window
so something's definitely up with my frontend state
I just need to figure out what it is 🙂
r

rp

04/04/2022, 12:19 PM
i see. Lmk if you would like to hop on a call
Can debug this together as well.
m

mrserif

04/04/2022, 12:28 PM
OK! I figured it out
so - Axios interceptors were initialized in a vue component instead of main
when you logged into multiple different windows, the oldest window would throw an error
that error would cause the component that normally initialized axios interceptors to bail out
moving the init all the way up to main.js resolves the issue, as interceptors are applied before any component loading
thanks again for offering support 🙂
r

rp

04/04/2022, 12:32 PM
ok awesome!! :))
3 Views