https://supertokens.com/ logo
Channels
Powered by
z

Zoomeez

05/31/2022, 12:36 PM
Hello 🙂 I need some help with frontend configuration. I have the problem that on my domain with cname record, there is some problem with cookies, basically sAccessToken does not get set. It works on the canonical domain, which I set as websiteBasePath. I can log in on both domains. The canonical domain and the cname are subdomains which I set in sessionScope in Session.init Which piece am I missing?
r

rp

05/31/2022, 12:38 PM
hey @Zoomeez
so if i understand correctly, you are having issues sharing session across sub domains?
Can you enable frontend and backend logs and send a request that fails with a 401?
z

Zoomeez

05/31/2022, 12:55 PM
how do I actually enable logs in frontend? I can see that the cookie does not get sent on requests, so there is no session in the backend
r

rp

05/31/2022, 12:57 PM
z

Zoomeez

05/31/2022, 1:41 PM
thanks, I enabled it. that took some time since it needed a deploy. Do you have an idea what to look for? Logs look the same on both domains
r

rp

05/31/2022, 1:42 PM
can you send it over?
z

Zoomeez

05/31/2022, 1:45 PM
there it does not work, but it works here:
r

rp

05/31/2022, 1:46 PM
ok seeing
So it works for https://console.sento.io? but not for the other one?
z

Zoomeez

05/31/2022, 1:48 PM
no the other way around
r

rp

05/31/2022, 1:48 PM
hmm. that's strange
z

Zoomeez

05/31/2022, 1:50 PM
the cookie for the request on console.sento.io looks like 
i18next=de; sIRTFrontend=cd5d4a47-ba72-4653-9e4e-52697a5b38c6; sFrontToken=eyJhdGUiOjE2NTQwMDc3MzYyNDUsInVpZCI6IjkzNTg3MDgyLTM2NWQtNDkzZi1iYjNhLWUzZDMzYzVkMGEyMiIsInVwIjp7ImVtYWlsIjoicm9iaW5Ac2VudG8uaW8iLCJyb2xlX2J5X2N1c3RvbWVyIjp7IjU5ZjkyMmFhLTA2ZWYtNDUzNC05NGRlLTk0MGUzMjM2NjNmYSI6IkVYVEVSTkFMX0FETUlOIiwiYjEzZjEzZWMtM2NkOC00MzBiLWFlYWQtM2M4YjgyNjkzYjJhIjoiRVhURVJOQUxfQURNSU4ifX19
r

rp

05/31/2022, 1:50 PM
that's about fine
z

Zoomeez

05/31/2022, 1:51 PM
while on console.pipeline.prod-cluster.internal.sento.io it's: 
i18next=de; sIRTFrontend=dd3be633-fb13-4353-866f-967bd8e3400b; sFrontToken=eyJhdGUiOjE2NTM5Mjk3Mzc2MzEsInVpZCI6IjkzNTg3MDgyLTM2NWQtNDkzZi1iYjNhLWUzZDMzYzVkMGEyMiIsInVwIjp7ImVtYWlsIjoicm9iaW5Ac2VudG8uaW8iLCJyb2xlX2J5X2N1c3RvbWVyIjp7IjU5ZjkyMmFhLTA2ZWYtNDUzNC05NGRlLTk0MGUzMjM2NjNmYSI6IkVYVEVSTkFMX0FETUlOIiwiYjEzZjEzZWMtM2NkOC00MzBiLWFlYWQtM2M4YjgyNjkzYjJhIjoiRVhURVJOQUxfQURNSU4ifX19; sAccessToken="eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0%3D.eyJzZXNzaW9uSGFuZGxlIjoiYTM5OGU3NDYtNTA4Ni00ZjgxLTg4YzUtMjk3YjFmOWU5MjNhIiwidXNlcklkIjoiOTM1ODcwODItMzY1ZC00OTNmLWJiM2EtZTNkMzNjNWQwYTIyIiwicmVmcmVzaFRva2VuSGFzaDEiOiIzYmZlYWNkOGJjMmYxZTQzNjFlNWUzMzBjMmU5MmZlN2YzZjYyOGY0ODE5NDQ1MDhlYTJkMTE0YjlmNzdhYzAzIiwidXNlckRhdGEiOnsiZW1haWwiOiJyb2JpbkBzZW50by5pbyIsInJvbGVfYnlfY3VzdG9tZXIiOnsiNTlmOTIyYWEtMDZlZi00NTM0LTk0ZGUtOTQwZTMyMzY2M2ZhIjoiRVhURVJOQUxfQURNSU4iLCJiMTNmMTNlYy0zY2Q4LTQzMGItYWVhZC0zYzhiODI2OTNiMmEiOiJFWFRFUk5BTF9BRE1JTiJ9fSwiZXhwaXJ5VGltZSI6MTY1NDAwNzM5MjEzMCwidGltZUNyZWF0ZWQiOjE2NTQwMDM3OTIxMzAsImxtcnQiOjE2NTQwMDM3OTIxMzB9.tPaRZxCRliT4OsuYqk31xIuewdeSsqdAGXrrrFvFJC6F1MM51bar3IIVmhwLLdhwA3LkqCSoHTUjTRDMQpY60wl3VJzP9YDSowtf8L9%2BUUn5Od/3LuWeFr95w4zVWRINBsCj3m/m89S/G2TXai1Z%2B%2B0AQrLG0aH2A0ko%2BlxR7nmTyf4Mh9UaB9flxKZi6KnPeYKiMwsVwYc8per%2B1SShZpj2D4uLEpQjSYk/m6qYKn5tUem90M6qOJqIAE9P6uFDC6GtZ6TrNpAuvoaVgSI9KwJeRXQYZCaa03W3JWRgT/azAfmjicRc9LQkvG9EvQHK/UCohnqPG/sENxkbfBaSxQ%3D%3D"; sIdRefreshToken=a8769486-5d5c-4a98-a16b-7df037783078; sIRTFrontend=cd5d4a47-ba72-4653-9e4e-52697a5b38c6; sFrontToken=eyJhdGUiOjE2NTQwMDc3MzYyNDUsInVpZCI6IjkzNTg3MDgyLTM2NWQtNDkzZi1iYjNhLWUzZDMzYzVkMGEyMiIsInVwIjp7ImVtYWlsIjoicm9iaW5Ac2VudG8uaW8iLCJyb2xlX2J5X2N1c3RvbWVyIjp7IjU5ZjkyMmFhLTA2ZWYtNDUzNC05NGRlLTk0MGUzMjM2NjNmYSI6IkVYVEVSTkFMX0FETUlOIiwiYjEzZjEzZWMtM2NkOC00MzBiLWFlYWQtM2M4YjgyNjkzYjJhIjoiRVhURVJOQUxfQURNSU4ifX19
r

rp

05/31/2022, 1:52 PM
When you sign in, can I see the set-cookie headers returned from the API? A screenshot of all the headers would do
z

Zoomeez

05/31/2022, 1:54 PM
yes
Copy code
set-cookie: sAccessToken="eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0%3D.eyJzZXNzaW9uSGFuZGxlIjoiZTY0ZDFmNzktMTQwYS00NTI2LTg0YTktZWI5ZDk4YmEwNmYxIiwidXNlcklkIjoiOTM1ODcwODItMzY1ZC00OTNmLWJiM2EtZTNkMzNjNWQwYTIyIiwicmVmcmVzaFRva2VuSGFzaDEiOiJiZGRiZjE3YzY3MzFjNTIyMmVkOTdiYWUyYTZlMGM0YjJjYzcxYTIwOGIwZTczMDE4YzA1NDYwNTFjYzc4ZGQ4IiwidXNlckRhdGEiOnsiZW1haWwiOiJyb2JpbkBzZW50by5pbyIsInJvbGVfYnlfY3VzdG9tZXIiOnsiNTlmOTIyYWEtMDZlZi00NTM0LTk0ZGUtOTQwZTMyMzY2M2ZhIjoiRVhURVJOQUxfQURNSU4iLCJiMTNmMTNlYy0zY2Q4LTQzMGItYWVhZC0zYzhiODI2OTNiMmEiOiJFWFRFUk5BTF9BRE1JTiJ9fSwiZXhwaXJ5VGltZSI6MTY1NDAwODc1MTg5OCwidGltZUNyZWF0ZWQiOjE2NTQwMDUxNTE4OTgsImxtcnQiOjE2NTQwMDUxNTE4OTh9.j65Tp2jztyQFgfqIPNyOQQY9iGWwMuz1eAMVF8HtGCZG1tJEazSPkme9ATeEnoGqxicYtR4%2BOzXVktYEzVMMu0dU06xWPZyYFP54PxZ5EcCgmZvG1SzRER4N6BlXyKwYvegHWwRrA%2B7O32F0ZXKg1%2BUU51p9LNApRV9Za1SResHHEzLsGk9v4XuL8cQ7PSOxa%2BN1DpOmheSd8UUS12LAQFktLjh21cAJDH7sHDyOgF8ppCye2H88GeTH7KJpXb2blxhKM%2BIIErSRZdj0TWswqm0k8IDpB/kL7anGowEeoTAR69ZCvK3IYGnMaM2hTvEgKVsCEXwdkFbwOJuZAt/ngA%3D%3D"; Domain=console.pipeline.prod-cluster.internal.sento.io; expires=Tue, 31 May 2022 14:52:31 GMT; HttpOnly; Path=/; SameSite=lax; Secure
set-cookie: sRefreshToken="3NNzgAHejSax0gm4ns90WlfrCHQ2tLeSUJgRyqNmb5z4VAmd1wE4NAu0yWCVeICb7Y/3qloPj6GGAW5iwHiNmH%2B8Dzu%2BCrR2ZzaXPxcvDiqrAiFLcY5c1h/0KD9%2BwCKDhLT90/OeVZW9ND4EddinrD2iFhotmiIi8wclkGtaqOr7vm11Cx12PK9lj9921TH22MhSEyjWsQ3i00dRHnXxP/3CJ87huQiUkM3MUSiZ%2Bvy/GDnvNJ1T%2BDZDOgfmM1rWQIeHaGCtgexOQh1PoKCz.dbf50d732b94c1e891b4de11e7e56180630896dc7148085a5792b1d4454bdd19.V2"; Domain=console.pipeline.prod-cluster.internal.sento.io; expires=Thu, 08 Sep 2022 13:52:31 GMT; HttpOnly; Path=/auth/session/refresh; SameSite=lax; Secure
set-cookie: sIdRefreshToken=b56906a0-2470-4e88-92ae-0ecce8cb4295; Domain=console.pipeline.prod-cluster.internal.sento.io; expires=Thu, 08 Sep 2022 13:52:31 GMT; HttpOnly; Path=/; SameSite=lax; Secure
r

rp

05/31/2022, 1:54 PM
is there an orange triangle next to the sAccessToken (at the end of it)
if u are using chrome
z

Zoomeez

05/31/2022, 1:55 PM
yes
yellow rather
r

rp

05/31/2022, 1:56 PM
if you hover on the yellow triangle, what does it say?
Can i see the backend config that you have added?
z

Zoomeez

05/31/2022, 2:10 PM
you mean where the recipes and such are initialized? Or rather the frontend sdk?
r

rp

05/31/2022, 2:11 PM
on the backend SDK supertokens.init
z

Zoomeez

05/31/2022, 2:13 PM
it's maybe a bit non verbose as is:
Copy code
session_recipe = session.init(
            cookie_domain=config.sca_cookie_domain,
            override=session.InputOverrideConfig(
                functions=overrides.override_session_functions
            ),
        )
        _supertokens.init(
            **args,  # type: ignore
            recipe_list=[
                session_recipe,
                emailpassword_recipe,
                metadata_recipe,
            ],
        )
        asgi_app.add_middleware(_supertokens.framework.fastapi.get_middleware())
    else:
        _supertokens.init(
            **args,  # type: ignore
            recipe_list=[
                emailpassword_recipe,
                metadata_recipe,
            ],
        )
r

rp

05/31/2022, 2:13 PM
You want to remove 
cookie_domain=config.sca_cookie_domain
z

Zoomeez

05/31/2022, 2:14 PM
ok thanks, I'll try that 🙂
great, that woked 👍
r

rp

05/31/2022, 2:37 PM
Awesome
2 Views
Powered by