execreate
05/30/2022, 10:39 AMverify_session()
wrapper in supertokens-python@dev-v0.8.2
.
I am using Django==4.0
and `djangorestframework==3.13.1`:
python
from django.utils.decorators import method_decorator
from rest_framework import viewsets, mixins, status
from supertokens_python.recipe.session.framework.django.syncio import verify_session
@method_decorator(verify_session(), name='dispatch')
class WorkplaceCreateListViewSet(mixins.ListModelMixin, mixins.CreateModelMixin, viewsets.GenericViewSet):
def create(self, request, *args, **kwargs):
return super().create(request, *args, **kwargs)
execreate
05/30/2022, 10:40 AMcreate()
function works really fine until it returns a result. It creates an object in the database, but the response is always 401execreate
05/30/2022, 10:41 AMexecreate
05/30/2022, 10:48 AMverify_session()
wrapper. It does something with the response before it reaches the client, right?execreate
05/30/2022, 10:50 AMrp_st
05/30/2022, 11:01 AMrp_st
05/30/2022, 11:01 AMexecreate
05/30/2022, 11:35 AMexecreate
05/30/2022, 11:36 AMexecreate
05/30/2022, 11:36 AMrp_st
05/30/2022, 12:45 PMexecreate
06/06/2022, 12:06 PMexecreate
06/06/2022, 12:06 PMrp_st
06/06/2022, 12:06 PMexecreate
06/06/2022, 12:07 PMrp_st
06/06/2022, 12:07 PMexecreate
06/06/2022, 12:10 PMCookie: sAccessToken="eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0%3D.eyJzZXNzaW9uSGFuZGxlIjoiM2ZjNDExOTYtNzZhMS00NGVkLWIzMzEtYTcyN2IxNjA3N2Y3IiwidXNlcklkIjoiZjVlZTg3MjAtZDFjNy00MzRlLWFmZWEtNDk5YWE4OTVkMTYxIiwicmVmcmVzaFRva2VuSGFzaDEiOiIwYjhmNDE2Njc4ZDRmYTAxYThjZmY2MzY3MTg2NzhlOTk0NTcyZGQ0OWUzNmQzNmVjNDQzMjc2MjVjN2ViNGEyIiwidXNlckRhdGEiOnsicm9sZXMiOnsiMTljZDEwMDgtNDEzNi00ZDJhLWE3NTUtNjkwNWE0YTRkZTYwIjpbIm1lZGh1Yl9hZG1pbiJdLCJlZDgxNWFjNi1kMjk3LTRlMjMtYTk3ZS0xMzI1MmU1ZGVlZjgiOlsicGhhcm1hY2lzdCJdfX0sImV4cGlyeVRpbWUiOjE2NTQ1MTczNjIwNTYsInRpbWVDcmVhdGVkIjoxNjU0NTE2NDYyMDU2LCJsbXJ0IjoxNjU0NTE2NDYyMDU2fQ%3D%3D.FH7Z23BLURZwU2QFTK8FDWiCZ24qOiKottGWiqYcYYcb8yxZAW1yeQ2HHRjtS%2Bb%2Bx0jwm0t/WEWzAVAZC1MCQMTMhPOZiJcASml/zpke00lIgxOAIePMRuJ7xuJlYWnsF9K7V255C8iV8Kk7jhj38GkK1IIFiOVrAXBB/vWemMCbLONIpfpovnTzwjPZr33RPtFQRNmgGtssw66pXqvTQMGhhVpozaiumPo7nwu0L9cWU69Hkq0B8ecRFZtG7GNd9xCTH9%2BBIm/3xiDc8bRR9C7KVH%2BgafdndjBk0Tao6yqLr6/4kOQl8PizTH/7TVhailWI7w%2BTlbOpvISXfG9szw%3D%3D"; sFrontToken=eyJhdGUiOjE2NTQ1MTczNjIwNTYsInVpZCI6ImY1ZWU4NzIwLWQxYzctNDM0ZS1hZmVhLTQ5OWFhODk1ZDE2MSIsInVwIjp7InJvbGVzIjp7IjE5Y2QxMDA4LTQxMzYtNGQyYS1hNzU1LTY5MDVhNGE0ZGU2MCI6WyJtZWRodWJfYWRtaW4iXSwiZWQ4MTVhYzYtZDI5Ny00ZTIzLWE5N2UtMTMyNTJlNWRlZWY4IjpbInBoYXJtYWNpc3QiXX19fQ==; sIRTFrontend=e9b69c00-e083-4a67-a7d0-8a4c25444859; sIdRefreshToken=e9b69c00-e083-4a67-a7d0-8a4c25444859; csrftoken=lSdQnNKX69dARz0PrKY51MBD6D3i16VwlfgruhRQaTysXjzdZvhfudxDoWc4v2KO; sessionid=fvyyl9i32lvgt85ysq1y2ehl8e1xl28l
rid: anti-csrf
logs have nothing unusual, just a json object with "message": "unauthorised"
on the backend it just says Unauthorized
execreate
06/06/2022, 12:10 PMWARNING:root:something went wrong when creating a role: Session does not exist.
let me see where it is logging from...execreate
06/06/2022, 12:11 PMpython
instance = Workplace.objects.create(
organization=validated_data['organization'],
user_profile=validated_data['user_profile'],
role=validated_data['role'],
role_specialization=validated_data['role_specialization'],
)
if 'job_order_document' in validated_data and validated_data['job_order_document'] is not None and \
len(validated_data['job_order_document']) > 0:
instance.job_order_document = validated_data['job_order_document']
instance.save()
try:
ProfileRole.create_role(instance.user_profile_id, instance.role_id, instance.organization_id,
instance.role_specialization_id)
except Exception as e:
logging.warning(f"something went wrong when creating a role: {e}")
instance.delete()
raise e
return instance
execreate
06/06/2022, 12:12 PMpython
def update_user_roles(profile_id):
# we first get all the session_handles (List[string]) for a user
prof = Profile.objects.get(pk=profile_id)
supertokens_user_id = prof.supertokens_user_id
session_handles = get_all_session_handles_for_user(supertokens_user_id)
for handle in session_handles:
current_session_info = get_session_information(handle)
current_access_token_payload = current_session_info.access_token_payload
profile_roles = ProfileRole.objects.filter(profile=prof, is_active=True)
for profile_role in profile_roles:
org_id = str(profile_role.at_id)
if org_id not in current_access_token_payload["roles"]:
current_access_token_payload["roles"][org_id] = [profile_role.role]
else:
current_access_token_payload["roles"][org_id].append(profile_role.role)
update_access_token_payload(handle, current_access_token_payload)
python
@classmethod
def create_role(cls, profile_id, role_id, organization_id, specialization_id):
cls.objects.create(
profile_id=profile_id,
role=cls.get_profile_role(role_id),
at_id=organization_id,
specialization_id=specialization_id,
)
update_user_roles(profile_id)
execreate
06/06/2022, 12:13 PMget_all_session_handles_for_user
, right?execreate
06/06/2022, 12:13 PMpython
from supertokens_python.recipe.session.syncio import get_all_session_handles_for_user, update_access_token_payload, get_session_information
execreate
06/06/2022, 12:14 PMrp_st
06/06/2022, 12:15 PMrp_st
06/06/2022, 12:16 PMrp_st
06/06/2022, 12:16 PMexecreate
06/06/2022, 12:16 PMrp_st
06/06/2022, 12:16 PMexecreate
06/06/2022, 12:21 PMexecreate
06/06/2022, 12:23 PMupdate_user_roles
call from above is causing the error that says Session does not exist
maybe get_all_session_handles_for_user(supertokens_user_id)
?
or get_session_information(handle)
?rp_st
06/06/2022, 12:24 PMrp_st
06/06/2022, 12:25 PMrp_st
06/06/2022, 12:25 PMrp_st
06/06/2022, 12:26 PMverify_session
?execreate
06/06/2022, 12:27 PMpython
@method_decorator(verify_session(), name='dispatch')
class WorkplaceCreateListViewSet(mixins.ListModelMixin, mixins.CreateModelMixin,
viewsets.GenericViewSet):
execreate
06/06/2022, 12:29 PMget_all_session_handles_for_user(supertokens_user_id)
call the user_id
is the id
of the current userrp_st
06/06/2022, 12:30 PMsupertokens_user_id
that is being passed to it is correct?execreate
06/06/2022, 12:30 PMrp_st
06/06/2022, 12:31 PMexecreate
06/06/2022, 12:36 PMrp_st
06/06/2022, 12:37 PMexecreate
06/06/2022, 12:37 PMget_all_session_handles_for_user
are non existent for get_session_information
execreate
06/06/2022, 12:37 PMrp_st
06/06/2022, 12:38 PMrp_st
06/06/2022, 12:38 PMexecreate
06/06/2022, 12:38 PMrp_st
06/06/2022, 12:39 PMrp_st
06/06/2022, 12:47 PMrp_st
06/06/2022, 12:58 PMexecreate
06/06/2022, 1:16 PMexecreate
06/06/2022, 1:16 PMrp_st
06/06/2022, 1:17 PMrp_st
06/06/2022, 1:17 PMexecreate
06/06/2022, 1:17 PMrp_st
06/06/2022, 1:17 PMexecreate
06/06/2022, 1:17 PMexecreate
06/06/2022, 1:18 PMrp_st
06/06/2022, 1:18 PMexecreate
06/06/2022, 1:18 PMrp_st
06/06/2022, 1:18 PMexecreate
06/06/2022, 1:23 PMrp_st
06/06/2022, 1:24 PMrp_st
06/06/2022, 6:21 PMcurl --location --request GET 'https://try.supertokens.com/recipe/session?sessionHandle=someSession' \
--header 'api-key: key'
execreate
06/06/2022, 6:30 PM1654550761853 | 1654538161853
does not work: 1654528138210 | 1654515538210
rp_st
06/07/2022, 8:23 AMexecreate
06/07/2022, 9:07 AM