Hey guys, did the implementation of sessionRequire...
# support-questions
n
Hey guys, did the implementation of sessionRequired change in supertokens-node@9.2.0? Even though I had set it to false it now throws a 401 Unauthorized for public routes
return await verifySession({sessionRequired: false})(ctx.req as any, ctx.res as any, next)
r
Huh.. that’s weird. Nothing has changed regarding this
Have you tried a previous version and that worked?
n
Mhm, good point, not yet. It was working up until the today.
r
Can you enable debug logs and show me the output?
n
I'll try downgrading one minor. It's not a blocking point, I just moved the middleware logic one layer down to my protected routes, now it can actually check with sessionRequired: true, but still I thought it was weird
Sure, let me move things back
How do you enable debug logs again? 😄
r
Add env var like DEBUG=com.supertokens node index.js
n
One sec
So your explanation tells me, even though a session is not required per my parameter, having an expired access_token present in the call causes the verification to fail
?
r
Yes. Cause technically, the session does exist. The user is still logged in
n
Oooooh
So if I clean the cookies, the public route will work again having no expired token and no active session
?
It was a hypothetical question, it of course means that 😄 and it does work
r
Their refresh token is still valid.
So it just needs session refreshing
Yup. If you clear just the sIdRefresh cookie, it will not return a 401
n
I was supposed to be after a logout, but on local dev, I probably messed up the states or restarts and got stuck
r
Yeaaaa. That’s possible
n
I guarded the app with
sessionRecipe.doesSessionExist()
which was false so I was routed to the login page and that's when the error occured
is there a helper method (or maybe signout?) I can call for easy cleanup of the cookies if
sessionRecipe.doesSessionExist()
returns false?
r
I see. Yea. State is messed up.
Well. The state you somehow reached shouldn’t be possible unless manually cookies are cleared incorrectly.
So there isn’t such a helper
n
Right, if this state cannot happen on prod then I'm fine, I know now how to get out of it
thanks 👍
r
👍