https://supertokens.com/ logo
o

Oskar

06/13/2022, 4:46 PM
Hi all. Is it possible to get all sessions for the user on the front client (nextjs)? Or this is not available yet?
r

rp

06/13/2022, 5:05 PM
Hey! It is possible to get a list of session handles for a user ID on the backend. You could always create an API on the backend which returns that list to your frontend/.
o

Oskar

06/13/2022, 5:07 PM
Thanks. Is it only on the backend for security reasons?
r

rp

06/13/2022, 5:08 PM
It's fairly uncommon to get a list of sessions of a user on the frontend, but much more common to do so on the backend. Hence we only have this on the backend
o

Oskar

06/13/2022, 5:10 PM
Alright, thanks
r

rp

06/13/2022, 5:10 PM
If i may, what's the use case to get a list of sessions on the frontend? To show the user which all devices they have logged into?
o

Oskar

06/13/2022, 5:11 PM
yes
r

rp

06/13/2022, 5:12 PM
ah i see. Makes sense
One thing though is that you may want to store device info in a session to show to the user
for that, you can override the createNewSession function on the backend and add info to the session data of a session with the device info. Now the device info, you can get from the user-agent of the request. The request object itself can be set in the userContext object of the sign in / sign up request.
If you tell me which recipe and which backend SDK, i can show some code snippets
o

Oskar

06/13/2022, 5:19 PM
Will be great to see some code
ThirdPartyEmailPassword Recipe / ReactJS
r

rp

06/13/2022, 5:19 PM
backend SDK?
o

Oskar

06/13/2022, 5:19 PM
NodeJS sorry
its a next api
r

rp

06/13/2022, 5:27 PM
You want to do something like this:
Copy code
ts
ThirdPartyEmailPassword.init({
    override: {
        apis: (oI) => {
            return {
                ...oI,
                emailPasswordSignInPOST: (input) => {
                    // we can access req later on in the API
                    input.userContext.req = input.options.req;
                    return oI.emailPasswordSignInPOST!(input);
                },
                emailPasswordSignUpPOST: (input) => {
                    // we can access req later on in the API
                    input.userContext.req = input.options.req;
                    return oI.emailPasswordSignUpPOST!(input);
                },
                thirdPartySignInUpPOST: (input) => {
                    // we can access req later on in the API
                    input.userContext.req = input.options.req;
                    input.options.req.getHeaderValue('User-Agent');
                    return oI.thirdPartySignInUpPOST!(input);
                },
            }
        }
    }
})

Session.init({
    override: {
        functions: (oI) => {
            return {
                ...oI,
                createNewSession: async function (input) {
                    // same req as what's available in the sign in / sign up APIs
                    let req = input.userContext.req;
                    let userAgent = req.getHeaderValue('User-Agent');
                    if (userAgent !== undefined) {
                        // this saves the user-agent info in the session
                        // so that it can be fetched later on when displaying the user's
                        // device list 
                        input.sessionData = {
                            ...input.sessionData,
                            userAgent
                        }
                    }
                    return oI.createNewSession(input);
                }
            }
        }
    }
})
In the recipeList in supertokens.init
And then later in the API that returns the device list, you can:
Copy code
ts
async function getDevicesForAUser(userId: string) {
    let sessions = await Session.getAllSessionHandlesForUser(userId);
    return sessions.map(async sessionHandle => {
        let sessionInfo = await Session.getSessionInformation(sessionHandle);
        let sessionData = sessionInfo.sessionData;
        let userAgent = sessionData.userAgent;
        return {
            sessionHandle,
            userAgent
        }
    })
}
o

Oskar

06/13/2022, 8:26 PM
Thank you. I was trying to play with it. But stuck in a stupid place. How I should pass userId to getDevicesForAUser function? I trying to pass it in fetch post, but it doesn't work for me
r

rp

06/14/2022, 4:06 AM
You need to make an API of your own which does session verification first, and then gets the userId from the session object