https://supertokens.com/ logo
#support-questions
Title
# support-questions
o

Orszi

03/07/2022, 1:56 PM
Hi, what could be the reason that accessTokenPayload is not refreshed on the frontend? I try to update AccessTokenPayleod in my custom middleware on backend:
Copy code
const currAccessTokenPayload = req.session!.getAccessTokenPayload();
await req.session!.updateAccessTokenPayload({ newKey: 'newValue', ...currAccessTokenPayload });
and in frontend i cannot see it in the
const { accessTokenPayload } = useSessionContext();
, but in the sAccessToken cookie it already is
r

rp

03/07/2022, 1:58 PM
Are you calling
updateAccessTokenPayload
after sending a response already?
o

Orszi

03/07/2022, 2:02 PM
no, I'm updating it before send request, (also in next appi calls, newKey in the AccessTokenPayleod is still missing)
r

rp

03/07/2022, 2:04 PM
Can I see the response headers from the API call please?
o

Orszi

03/07/2022, 2:05 PM
Copy code
HTTP/1.1 400 Bad Request
X-Powered-By: Express
Access-Control-Allow-Origin: http://localhost:3001
Vary: Origin
Access-Control-Allow-Credentials: true
front-token: eyJ1aWQiOiJiY2QyMjhkYy0zNGNmLTQxMGYtYjdmZS1kMTc2MWE2YzcxZWEiLCJhdGUiOjE2NDY2NjU0NzY0OTgsInVwIjp7Im5ld0tleSI6Im5ld1ZhbHVlIiwiYXBwUGVybWlzc2lvbiI6IlBPUlRBTCJ9fQ==
Access-Control-Expose-Headers: front-token, front-token
Set-Cookie: sAccessToken=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0%3D.eyJzZXNzaW9uSGFuZGxlIjoiYTBhOGNjMTAtMmY5MC00ODg0LTg2NDctNzM2MjcyMzIxOGI2IiwidXNlcklkIjoiYmNkMjI4ZGMtMzRjZi00MTBmLWI3ZmUtZDE3NjFhNmM3MWVhIiwicmVmcmVzaFRva2VuSGFzaDEiOiIxNjdhZTNhOWNiZGI1NzAzZTlhN2IwMDlkNTFjZmFmMDFmZGJkOTVkYWY1YjRiNjNhNTg1ZDI4YTM4MjNkNTNmIiwidXNlckRhdGEiOnsibmV3S2V5IjoibmV3VmFsdWUiLCJhcHBQZXJtaXNzaW9uIjoiUE9SVEFMIn0sImV4cGlyeVRpbWUiOjE2NDY2NjU0NzY0OTgsInRpbWVDcmVhdGVkIjoxNjQ2NjYxODc4NDUzLCJsbXJ0IjoxNjQ2NjYxODc4NDUwfQ%3D%3D.RDvXCbMz2oY1T075HjHz9BorCwz5K6vMIrSptmXrH9jPRe6DZj60ro%2Bx4IvsS2xwOUAtJctBaHceU7joOuf%2BxjzY0hApnr4JI12ia4nkLtCGVClxN5NpILlP1wdONLW3IpWue0egpSe1q8b3ByKBFMD%2BZW%2BegTMpkOOrmW2tdo911ORb0ObVfiO1cYqhBEgGXkfQstrX0bp5d%2B6AmszQ4vRXLkjGEbmeuGoPKIIr8hVC40vVtxzPxyQKtLYaYmdHCPbzo9DQR22F5vQaB6p1JCWSAcrX%2FnDOO8Is5Ktc6qshcUwsQMBjQLrKzgcAWlWI0%2BdKsjgdV2YO1BBApz9m4Q%3D%3D; Path=/; Expires=Mon, 07 Mar 2022 15:04:36 GMT; HttpOnly; SameSite=Lax
Content-Type: application/json; charset=utf-8
Content-Length: 132
ETag: W/"84-30Faf12mbQ8Q9dSFfQ8EhAQGhdc"
Date: Mon, 07 Mar 2022 14:04:38 GMT
Connection: keep-alive
Keep-Alive: timeout=5
r

rp

03/07/2022, 2:06 PM
Can you tell me what the updated payload should look like?
Is it supposed to be:
Copy code
{
  "newKey": "newValue",
  "appPermission": "PORTAL"
}
o

Orszi

03/07/2022, 2:07 PM
appPermission is created in override.apis.signInPOST
Copy code
const session = await createNewSession(
                      options.res,
                      user.id,
                      {
                        appPermission: 'PORTAL',
                        // res
                      },
                      {},
                      userContext,
                    );
and it is working as expected
and on the fronted i get only appPermission from token
r

rp

03/07/2022, 2:08 PM
the front-token, which is what is read on the frontend, has the correct value as well. So now the problem seems to be that the useSessionContext is not getting updated.
Which version of the auth-react SDK are you on?
o

Orszi

03/07/2022, 2:09 PM
iv already updated it to v0.19
"supertokens-auth-react": "^0.19.0",
r

rp

03/07/2022, 2:10 PM
Did this work before the update?
Also, can you do
await Session.getAccessTokenPayloadSecurely()
and see what that returns? https://supertokens.com/docs/auth-react/modules/recipe_session.html#getAccessTokenPayloadSecurely-1
o

Orszi

03/07/2022, 2:20 PM
> Did this work before the update? I don't know, it is a new feature in my app 🙂 Previously i need only appPermission send in override and it worked properly > Also, can you do await Session.getAccessTokenPayloadSecurely() and see what that returns? also only
appPermission: "PORTAL"
but after 401 and session refreshing on fronted - newKey appears
r

rp

03/07/2022, 2:26 PM
hmmm. That's really odd.
Session.getAccessTokenPayloadSecurely()
reads from the storage layer directly. It should have given the updated result.
Just testing on our side. Let me get back.
o

Orszi

03/07/2022, 2:29 PM
ok, thanks 🙂
r

rp

03/07/2022, 2:34 PM
So using
Session.getAccessTokenPayloadSecurely()
should always give the latest value (As per my current testing). But there is an issue where the sessionContext is not updated when the access token payload is changed.
On the frontend, after you make the APi call, Can you do
console.log(await Session.getAccessTokenPayloadSecurely());
and see if you are getting the older payload?
I have made an issue about the session context here: https://github.com/supertokens/supertokens-auth-react/issues/397 - if you would like to follow it. In the meantime, you can refrain from using sessionContext for the purpose of reading the access token payload, and use the
getAccessTokenPayloadSecurely
(that should work).
o

Orszi

03/07/2022, 2:53 PM
yes, it is working in this way, thanks, one more question: If the response is other than 200, getAccessTokenPayloadSecurely() does not work - old value will be returned?
r

rp

03/07/2022, 2:55 PM
Yes. A non error status code should update the payload on the frontend
o

Orszi

03/07/2022, 3:00 PM
ok, then that also was wrong in my code, I've wrongly expected that all responses (also 400) update payload, thanks for everything 🙂
r

rp

03/07/2022, 3:00 PM
Im closing this thread for now on Discord. Please feel free to follow the issue created above.
o

Orszi

03/07/2022, 3:00 PM
sure, thansk