Why do I always get a new device Id and pre auth id fo

Question

< rp> Why do I always get a new device Id and pre auth id for passwordless OTP login even if I m using the same device

rp · Answer

Hey

rp · Answer

Cause each passwordless auth attempt is essentially stateless

rp · Answer

These are IDs that are meaningful only in that passwordless login session The next time you sign in it s like a new passwordless auth session So new IDs

web3geek · Answer

so if I want something like whatsapp can only use my app on one device at a time how can I do that

rp · Answer

Right In that case you can override the createNewSession function on the backend and check how many sessions exist for the input userId

rp · Answer

If more than 0 sessions exist you can throw an error and deny login

rp · Answer

Or you can revoke the existing session and go ahead and create a new one

web3geek · Answer

oh okay can share some reference for this

rp · Answer

Which backend SDK

web3geek · Answer

nodejs

rp · Answer

function to check how many session exists for a user https supertokens com docs nodejs modules recipe session html getAllSessionHandlesForUser 1

rp · Answer

Function to revoke a session https supertokens com docs nodejs modules recipe session html revokeSession 1

rp · Answer

See this as well it shows code for the exact use case https supertokens com docs session advanced customizations apis override custom response throwing error step 1

web3geek · Answer

thanks

web3geek · Answer

< Fabio Aguiar> check this

Fabio Aguiar · Answer

It seams perfect Tks < rp>