I just setup Supertokens and got it linked with my...
# support-questions
s
I just setup Supertokens and got it linked with my db and I got the init command added to my api. Do I have to create all the routes for my API or is there something i'm missing?
r
Hey @Silentassassin
If you follow our quite setup guide, it tells you to add a supertoeks middleware to your backend. That middleware automatically adds all the routes so that the frontend can call them
The routes added will depend on the set of recipes that you have initialised in the recipeList
s
Oh, I think I missed this
Copy code
app.use(middleware());
r
Yup 🙂
s
Let me test it real quick
Hm it still has 404 not found
These are the two things I added to my API```app.use(middleware()); supertokens.init({ framework: "express", supertokens: { connectionURI: "localhost:3567", }, appInfo: { apiDomain: "localhost", appName: "ProjectVAST", websiteDomain: "localhost", }, recipeList: [EmailPassword.init(), Session.init()], });```
r
Which api are you trying to call? The list of APIs are here: supertokens.com/docs/fdi
s
r
POST?
s
Yeah
r
Can you enable debug logging and show the log output? Also, can you move the app.use(middleware()) part to below supertokens.init?
s
I moved it to the bottom but how do I enable debug logging?
r
DEBUG=com.supertokens node index.js
s
r
What are the logs when you call the API?
s
It doesn't log anything it just stops
It stops after what I put in the pastebin
r
Hmm. That means the middleware is not being called at all.
Are you sure you have added the middleware correctly? And that something before it is not returning a 404?
s
I have a route for /hello that works fine. And by adding middleware you mean the app.use middleware?
r
Yes.
The middleware is not running at all when you call the sign out API. So there might be an issue with how you have added the middleware. Or the position of it.
s
I can upload my app.js
r
Hmm. Seems fine on first glance. But something is obviously wrong since the express app is not calling the middleware
s
Why would that be?
r
How are you running by app?
Maybe you can see the differences
Or build on top of the example express app
s
I'll take a look at that
Oh yeah thats what I was looking at to make the file
r
Hmm. Well, the example app does work for sure
s
I just used the app.js from the github and /sessioninfo works but if I post to /auth/signin it says
Copy code
<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="utf-8">
    <title>Error</title>
</head>

<body>
    <pre>Cannot POST /auth/sigin</pre>
</body>

</html>
r
How are you running the app?
s
Wait nevermind I restarted it and it worked
r
Hmm. Cool
s
Thank you for the help. Also I'm pretty new to making apis so does the app.js file have anything important security wise missing from it?
r
Nothing is missing as such
s
Alright
Wait so now when I want to implement the frontend since I'm using vue I have to use supertokens-website right?
r
Yes. Correct @Silentassassin
s
I got everything working besides when I try to signin with google I get a 500 error
and there are no errors in the debug log or error log
s
that's what I was following when I get on my computer I'll send the code
r
cool
s
Copy code
supertokens.init({
    framework: "express",
    enableDebugLogs: true,
    supertokens: {
        connectionURI: "localhost:3567",
    },
    appInfo: {
        appName: "Project VAST", // TODO: Your app name
        apiDomain, // TODO: Change to your app's API domain
        websiteDomain, // TODO: Change to your app's website domain
    },
    recipeList: [
        ThirdPartyEmailPassword.init({
            providers: [
                ThirdPartyEmailPassword.Google({
                    clientId: "redacted.apps.googleusercontent.com",
                    clientSecret: "GOCSPX-redacted",
                }),
            ]
        }),
        Session.init()
    ],
});
r
What’s the error?
s
It returns 500 and says Internal error: Request failed with status code 400 and nothign helpful shows up in the debug logs
error.log is empty and i'll post what node says one sec
r
Can you double check your client ID and client secret, and also check that the URL provided on google's cashboard is correct.
s
I'm using localhost and I have that in the google dashboard, and I know the keys are correct
r
what exactly have you put on google's dashboard? The full URL please
s
Copy code
com.supertokens {t: "2022-06-17T15:40:02.217Z", message: "middleware: Started", file: "H:\InFormation\api\node_modules\supertokens-node\lib\build\supertokens.js:158:26" sdkVer: "9.2.3"} +0ms

  com.supertokens {t: "2022-06-17T15:40:02.218Z", message: "middleware: requestRID is: anti-csrf", file: "H:\InFormation\api\node_modules\supertokens-node\lib\build\supertokens.js:172:26" sdkVer: "9.2.3"} +0ms

  com.supertokens {t: "2022-06-17T15:40:02.219Z", message: "middleware: Checking recipe ID for match: thirdpartyemailpassword", file: "H:\InFormation\api\node_modules\supertokens-node\lib\build\supertokens.js:220:34" sdkVer: "9.2.3"} +0ms

  com.supertokens {t: "2022-06-17T15:40:02.220Z", message: "middleware: Request being handled by recipe. ID is: /signinup", file: "H:\InFormation\api\node_modules\supertokens-node\lib\build\supertokens.js:225:38" sdkVer: "9.2.3"} +0ms

  com.supertokens {t: "2022-06-17T15:40:02.346Z", message: "errorHandler: Started", file: "H:\InFormation\api\node_modules\supertokens-node\lib\build\supertokens.js:249:26" sdkVer: "9.2.3"} +0ms

  com.supertokens {t: "2022-06-17T15:40:02.347Z", message: "errorHandler: Started", file: "H:\InFormation\api\node_modules\supertokens-node\lib\build\supertokens.js:249:26" sdkVer: "9.2.3"} +0ms

POST /auth/signinup 500 133.104 ms - 51
Thats the debug log and I'll check hold up
r
this type of erorr comes when the redirect URL or client ID or client secret is not properly configured.
s
I added both the front end and backend api ports and also just localhost
r
right. So you missed adding the path
s
Oh wait yeah I see in the ? it wants a path let me try adding it hold on
Would I add /auth/signinup or the url to my front end page that has that post call?
r
that should be /auth/callback/google
in our docs
(quick setup -> backend)
s
If I try to post to the that I get 404 not found
r
thats a frontend route
on your website
s
But yeah I missed that I wasn't following that guide to set it up I just looked at the Github example
r
ah right
well, lmk if it works
s
So I have to create the route? it doesn't use the supertokens api
r
you use our supertokens-auth-react SDK righrt?
s
I'm using supertokens-website because i'm using vue
r
ah right
well, in that case, how are you making the API call to the signinup API?
s
and i'm using vue3-google-login to add the button
That package creates a button and adds a callback function that I was using to post the code to /auth/signinup
r
and what redirectUri do you pass to the API request?
and what redirect_uri does vue3-google-login give to google?
s
I was just providing the link to the signup page because that has the post login
and I don't think it needed that as an option, it only needed the clientid
r
right. I see.
it highlights how to add social login with custom UI
and which API calls to make with what inputs
s
I'll take a look at it thank you
I really appreciate the fast support for this project!
r
thanks!
s
So in the guide it uses website/callback, instead would I just be able to send it back to /signup and handle it in there, or would there be something wrong with doing it that way?
r
you need to see what the redirect_uri value is when you are redirected to google. So that's something you will have to see from the vue3-google-login lib
s
Okay, i'll look at the lib thank you
r
you can find it easily from the query params of the URL when you are sent to google
s
It seems like there is only an origin property no redirect uri
r
huh.. can you show me the URL?
and those are the only requests related to google besides fonts
r
ah no. When you click on the button, you are sent to google, what is that link (when you are on the google site)
s
Yeah when i'm send to google its the accounts.google.com/gsi link
r
hmm.
s
I can try just implementing it without the library if that would be best
r
im not sure how the vue lib wortks and which flow they are picking
yea try without that lib - you can follow the blog post i linked to above
s
Okay i'll try that
r
👍
s
I was able to get it working coding it myself but I noticed a user can make an account and use the same email on a provider and they show up as different users, is there anything I can do about that?
r
So what you are looking for is account linking. We don’t have that yet. Instead, what you can do is override the backend api functions for sininup to first check if an email with that user already exists, and if it does, return an error to the frontend saying that this email already exists with another provider
s
Is there a guide or something on how to modify the code for one of the routes
r
Well, I can give you an example sometime tomorrow.
s
Okay that sounds good
r
is how you can disable the same email to sign up using a different method if they already had previously signed up
s
I just tried adding it to my API and it does not work it still allows users to sign up. I'm using javascript instead of typescript but I got rid of the types so it should still work
r
Can you add debug logs and see where the logic is failing?
s
I'm going to try switching my project over to typescript first because I've wanted to do that anyway
Yeah I just switched and it still works, I'll turn debug on and send logs
Copy code
OPTIONS /auth/signup 204 1.315 ms - 0
  com.supertokens {t: "2022-06-22T15:52:38.055Z", message: "middleware: Started", file: "H:\InFormation\api\node_modules\supertokens-node\lib\build\supertokens.js:158:26" sdkVer: "9.2.3"} +0ms

  com.supertokens {t: "2022-06-22T15:52:38.056Z", message: "middleware: requestRID is: anti-csrf", file: "H:\InFormation\api\node_modules\supertokens-node\lib\build\supertokens.js:172:26" sdkVer: "9.2.3"} +0ms

  com.supertokens {t: "2022-06-22T15:52:38.057Z", message: "middleware: Checking recipe ID for match: thirdpartyemailpassword", file: "H:\InFormation\api\node_modules\supertokens-node\lib\build\supertokens.js:220:34" sdkVer: "9.2.3"} +0ms

  com.supertokens {t: "2022-06-22T15:52:38.059Z", message: "middleware: Request being handled by recipe. ID is: /signup", file: "H:\InFormation\api\node_modules\supertokens-node\lib\build\supertokens.js:225:38" sdkVer: "9.2.3"} +0ms      

  com.supertokens {t: "2022-06-22T15:52:38.396Z", message: "Sending response to client with status code: 200", file: "H:\InFormation\api\node_modules\supertokens-node\lib\build\utils.js:90:14" sdkVer: "9.2.3"} +0ms

  com.supertokens {t: "2022-06-22T15:52:38.399Z", message: "middleware: Ended", file: "H:\InFormation\api\node_modules\supertokens-node\lib\build\supertokens.js:239:38" sdkVer: "9.2.3"} +0ms
                                                                                                                                                                                              
POST /auth/signup 200 344.636 ms - 132
POST /auth/signup 200 344.636 ms - 132
I tried signing up with an email that was already used with google
I put the override stuff after the providers, should it be put before?
r
Location of override before or after providers doesn’t matter
Can you try adding some console logs in the override full functions and seeing if they get called?