https://supertokens.com/ logo
Join Discord
Powered by
Hi, what could be the reason that accessTokenPaylo...
# support-questions
o
Hi, what could be the reason that accessTokenPayload is not refreshed on the frontend? I try to update AccessTokenPayleod in my custom middleware on backend:
Copy code
const currAccessTokenPayload = req.session!.getAccessTokenPayload();
await req.session!.updateAccessTokenPayload({ newKey: 'newValue', ...currAccessTokenPayload });
and in frontend i cannot see it in the 
const { accessTokenPayload } = useSessionContext();
, but in the sAccessToken cookie it already is
r
Are you calling 
updateAccessTokenPayload
after sending a response already?
o
no, I'm updating it before send request, (also in next appi calls, newKey in the AccessTokenPayleod is still missing)
r
Can I see the response headers from the API call please?
o
Copy code
HTTP/1.1 400 Bad Request
X-Powered-By: Express
Access-Control-Allow-Origin: http://localhost:3001
Vary: Origin
Access-Control-Allow-Credentials: true
front-token: eyJ1aWQiOiJiY2QyMjhkYy0zNGNmLTQxMGYtYjdmZS1kMTc2MWE2YzcxZWEiLCJhdGUiOjE2NDY2NjU0NzY0OTgsInVwIjp7Im5ld0tleSI6Im5ld1ZhbHVlIiwiYXBwUGVybWlzc2lvbiI6IlBPUlRBTCJ9fQ==
Access-Control-Expose-Headers: front-token, front-token
Set-Cookie: sAccessToken=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0%3D.eyJzZXNzaW9uSGFuZGxlIjoiYTBhOGNjMTAtMmY5MC00ODg0LTg2NDctNzM2MjcyMzIxOGI2IiwidXNlcklkIjoiYmNkMjI4ZGMtMzRjZi00MTBmLWI3ZmUtZDE3NjFhNmM3MWVhIiwicmVmcmVzaFRva2VuSGFzaDEiOiIxNjdhZTNhOWNiZGI1NzAzZTlhN2IwMDlkNTFjZmFmMDFmZGJkOTVkYWY1YjRiNjNhNTg1ZDI4YTM4MjNkNTNmIiwidXNlckRhdGEiOnsibmV3S2V5IjoibmV3VmFsdWUiLCJhcHBQZXJtaXNzaW9uIjoiUE9SVEFMIn0sImV4cGlyeVRpbWUiOjE2NDY2NjU0NzY0OTgsInRpbWVDcmVhdGVkIjoxNjQ2NjYxODc4NDUzLCJsbXJ0IjoxNjQ2NjYxODc4NDUwfQ%3D%3D.RDvXCbMz2oY1T075HjHz9BorCwz5K6vMIrSptmXrH9jPRe6DZj60ro%2Bx4IvsS2xwOUAtJctBaHceU7joOuf%2BxjzY0hApnr4JI12ia4nkLtCGVClxN5NpILlP1wdONLW3IpWue0egpSe1q8b3ByKBFMD%2BZW%2BegTMpkOOrmW2tdo911ORb0ObVfiO1cYqhBEgGXkfQstrX0bp5d%2B6AmszQ4vRXLkjGEbmeuGoPKIIr8hVC40vVtxzPxyQKtLYaYmdHCPbzo9DQR22F5vQaB6p1JCWSAcrX%2FnDOO8Is5Ktc6qshcUwsQMBjQLrKzgcAWlWI0%2BdKsjgdV2YO1BBApz9m4Q%3D%3D; Path=/; Expires=Mon, 07 Mar 2022 15:04:36 GMT; HttpOnly; SameSite=Lax
Content-Type: application/json; charset=utf-8
Content-Length: 132
ETag: W/"84-30Faf12mbQ8Q9dSFfQ8EhAQGhdc"
Date: Mon, 07 Mar 2022 14:04:38 GMT
Connection: keep-alive
Keep-Alive: timeout=5
r
Can you tell me what the updated payload should look like?
Is it supposed to be:
Copy code
{
  "newKey": "newValue",
  "appPermission": "PORTAL"
}
o
appPermission is created in override.apis.signInPOST
Copy code
const session = await createNewSession(
                      options.res,
                      user.id,
                      {
                        appPermission: 'PORTAL',
                        // res
                      },
                      {},
                      userContext,
                    );
and it is working as expected
and on the fronted i get only appPermission from token
r
the front-token, which is what is read on the frontend, has the correct value as well. So now the problem seems to be that the useSessionContext is not getting updated.
Which version of the auth-react SDK are you on?
o
iv already updated it to v0.19 
"supertokens-auth-react": "^0.19.0",
r
Did this work before the update?
Also, can you do 
await Session.getAccessTokenPayloadSecurely()
and see what that returns? https://supertokens.com/docs/auth-react/modules/recipe_session.html#getAccessTokenPayloadSecurely-1
o
> Did this work before the update? I don't know, it is a new feature in my app 🙂 Previously i need only appPermission send in override and it worked properly > Also, can you do await Session.getAccessTokenPayloadSecurely() and see what that returns? also only 
appPermission: "PORTAL"
but after 401 and session refreshing on fronted - newKey appears
r
hmmm. That's really odd. 
Session.getAccessTokenPayloadSecurely()
reads from the storage layer directly. It should have given the updated result.
Just testing on our side. Let me get back.
o
ok, thanks 🙂
r
So using 
Session.getAccessTokenPayloadSecurely()
should always give the latest value (As per my current testing). But there is an issue where the sessionContext is not updated when the access token payload is changed.
On the frontend, after you make the APi call, Can you do 
console.log(await Session.getAccessTokenPayloadSecurely());
and see if you are getting the older payload?
I have made an issue about the session context here: https://github.com/supertokens/supertokens-auth-react/issues/397 - if you would like to follow it. In the meantime, you can refrain from using sessionContext for the purpose of reading the access token payload, and use the 
getAccessTokenPayloadSecurely
(that should work).
o
yes, it is working in this way, thanks, one more question: If the response is other than 200, getAccessTokenPayloadSecurely() does not work - old value will be returned?
r
Yes. A non error status code should update the payload on the frontend
o
ok, then that also was wrong in my code, I've wrongly expected that all responses (also 400) update payload, thanks for everything 🙂
r
Im closing this thread for now on Discord. Please feel free to follow the issue created above.
o
sure, thansk
3 Views
PreviousNext
Powered by