https://supertokens.com/ logo
Join Discord
Powered by
We're using NodeJS supertokens SDK + managed servi...
# support-questions
m
We're using NodeJS supertokens SDK + managed service in production and as of today all backend verifySession() middleware calls are returning 401. Is something wrong with the managed service?
r
We're using NodeJS supertokens SDK + managed service in production and as of today all backend verifySession() middleware calls are returning 401. Is something wrong with the managed service?
Hey. Nothing in particular. Are you using self hosted? Which version of the SDK?
m
I'd upgraded to 9.1.1 with a deployment today
I tried reverting back to 8.6.0, but that's also returning 401 in verifySession
the service has worked flawlessly for us up till now
r
Really strange
Which recipe?
m
const { verifySession } = require('supertokens-node/recipe/session/framework/express') const EmailPassword = require('supertokens-node/recipe/emailpassword')
r
What does sign in return?
Can I see the response headers?
m
odd
it just came back
and is now working
r
Reallly strange
m
yeah, I didn't even revert anything
🤔
r
If it happens again, please do capture the following:
- response headers from sign in api call
- any browser console log
- any backend API error log
m
Ok, was able to reproduce this morning
r
alright! Tell me more please.
m
This is in localhost - not on production - but same situation seems to apply
Signin response headers ^
Following api request headers look like this
r
Right. I see.
m
The 401 is of course because the cookie is missing
r
Do you use axios or fetch?
m
Axios
happy to switch if it's causing issues
our codebase is pretty small
r
Added supertokens' interceptors to add axios instances?
m
yep! Flow works in general
r
no need to switch. Should work well with axios as well.
m
this only seems to happen in our application when you have multiple tabs / windows open and you log into different user accounts
r
from the request headers, it seems that the interceptor was not applied
m
I was testing across a couple different organizations when the reproducer occurred
So I'm guessing I'm not handling logout correctly
or doing session invalidation properly?
r
are you querying an API that is != to the apiDomain value in supertokens.init?
m
nope, that doesn't ever change
r
huh.. can we get on a quick call to debug this?
m
sure!
I tell you what
give me a few more minutes to get a 100% reproducible flow
then we can walk through the code path
r
cool! lmk
m
the issue is "fixed" when I kill my browser window
so something's definitely up with my frontend state
I just need to figure out what it is 🙂
r
i see. Lmk if you would like to hop on a call
Can debug this together as well.
m
OK! I figured it out
so - Axios interceptors were initialized in a vue component instead of main
when you logged into multiple different windows, the oldest window would throw an error
that error would cause the component that normally initialized axios interceptors to bail out
moving the init all the way up to main.js resolves the issue, as interceptors are applied before any component loading
thanks again for offering support 🙂
r
ok awesome!! :))
3 Views
PreviousNext
Powered by