# support-questions
Hello there! I'm trying to implement Supertokens in my Angular frontend. The following code gives me `Object {  }`. How do I get the actual token payload? I need to check for user roles inside it.
```
let accessTokenPayload = await SuperTokens.getAccessTokenPayloadSecurely();
```
Any ideas? Thanks in advance
Hey @ThomasK
By default it is empty. Have you added any content to it in the backend?
Good point, just saw I messed up something in the backend. Will get back to you later once I see if I can get it fixed! Thanks.
Unfortunately the problem persists... The id of the current user is correct. I double-checked the AWS DB if the user actually has the role and he does. But the console.log mentioned above only produces this output
both work perfectly fine
Hmm. Can you show me the value of sIRTFrontend that is set in the cookies?
Also, which SDK are you using on the frontend?
I'm using supertokens-website with angular
And the value of sFrontToken please?
Can you base64-decode the value and show the output?
Sure, give me a second
```
{
  "ate": 1654013814639,
  "uid": "d2fec8dc-2b50-4d2a-a159-db98c2718997",
  "up": {}
}
```
Hmm. So the access token payload content is indeed empty
How are you setting the access token payload on the backend?
Oh, do I have to set the payload explicitly? I only used the override to set the role for the new user, but didn't set any token payload data.
Right yea. You need to set the payload too. In the future, we would set the payload automatically, but that’s when we have a deeper integration with user roles recipe from the backend SDK
Okay great, I'll take a look at the documentation. Thank you so much
Just to clarify: The right way to do this right now is to set the payload data once after login (by overriding the login method) for every login call? Or do I have to do this every time the frontend calls the API? The documentation (https://supertokens.com/docs/emailpassword/common-customizations/sessions/update-jwt-payload) implemented a new route for this but I can just do this in the login override, right?
Seems to work like this with session creation override (in case anyone comes across the same question, not sure if this is the perfect approach though):
```
from typing import Any, Dict, Union

from supertokens_python.recipe.session.interfaces import RecipeInterface


def override_functions(original_implementation: RecipeInterface):
    # Keep a reference to the SDK's implementation so the override can delegate to it.
    original_implementation_create_new_session = original_implementation.create_new_session

    async def create_new_session(request: Any, user_id: str,
                                 access_token_payload: Union[None, Dict[str, Any]],
                                 session_data: Union[None, Dict[str, Any]], user_context: Dict[str, Any]):
        if session_data is None:
            session_data = {}
        if access_token_payload is None:
            access_token_payload = {}
        # Add the user's roles to the access token payload when the session is created.
        access_token_payload["roles"] = AuthHelper.get_user_roles(user_id=user_id)["roles"]
        return await original_implementation_create_new_session(request, user_id, access_token_payload, session_data, user_context)

    original_implementation.create_new_session = create_new_session
    return original_implementation
```
with AuthHelper.get_user_roles:
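```
import requests
from typing import Any, Dict
class AuthHelper:
    @staticmethod
    def get_user_roles(user_id: str) -> Dict[str, Any]:
        # Ask the SuperTokens core (user roles recipe) for this user's roles; config is the poster's own settings module.
        headers = {"api-key": config.API_KEY, "cdi-version": config.CDI_VERSION, "rid": "userroles"}
        params = {"userId": user_id}
        r = requests.get(f'{config.SUPERTOKENS_API}/recipe/user/roles', headers=headers, params=params)
        return r.json()
```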
Once after login only.
Sorry, I saw your code snippet after I pasted the link above (Discord didn’t load the message for me until much later)
But yea. You did it correctly!
Not to worry, you pointed me in the right direction nonetheless. Thanks!