Hi,
got a little issue with our Android app on re...
# generalt
teebot
06/23/2022, 12:10 PMHi,
got a little issue with our Android app on react native for a few days.
it can log in and get an access token
but when refreshing it logs us out
this is what we changed before it started to happen :
- "supertokens-node": "^8.5.0",
+ "supertokens-node": "^9.2.3",
in the same deployment, we also set the cookieDomain to a wildcard to allow subdomains
the weird thing is ios is fine
n
nkshah2
06/23/2022, 12:10 PMHey
nkshah2
06/23/2022, 12:10 PMWhat version of the react-native SDK are you using?
t
teebot
06/23/2022, 12:10 PM"supertokens-react-native": "3.0.7",
n
nkshah2
06/23/2022, 12:12 PMOut of curiosity, does it still work for Android if you dont use the wildcard? Just to rule it out
t
teebot
06/23/2022, 12:29 PMwe're testing it now
teebot
06/23/2022, 12:33 PMby the way for testing convenience is it safe to set an access token validity of 60 secs ?
teebot
06/23/2022, 12:33 PMit's not going to invalidate an access token that was normally valid for one hour after 60sec?
n
nkshah2
06/23/2022, 12:33 PMYep that should work just fine
t
teebot
06/23/2022, 12:51 PMok I think we nailed down something interesting here:
on staging.poppy.red => refreshing works on android with a cookiedomain set to ".poppy.red"
but on poppy.red => refreshing will not work
teebot
06/23/2022, 12:51 PMios works in all cases
teebot
06/23/2022, 12:51 PMwe gave up on setting up that cookieDomain. to be safe we're redeploying without it
n
nkshah2
06/23/2022, 12:52 PMThat is strange
t
teebot
06/23/2022, 12:52 PMinstead we will reissue a set-cookie from the other domain if we submit it a valid JWT
teebot
06/23/2022, 12:53 PMI can't find it in the doc anymore but how can we create a new session and do a set-cookie on a custom endpoint and not with a framework middleware?
n
nkshah2
06/23/2022, 12:58 PMAh right you would have to do it manually (this depends on what framework you are using on your backend)
nkshah2
06/23/2022, 12:58 PMWhat version of react native are you using?
t
teebot
06/23/2022, 12:59 PM0.66.3
teebot
06/23/2022, 12:59 PMmaybe we misunderstood the cookieDomain use, is a cookieDomain set to
.poppy.redexample.poppy.redpoppy.redexample.poppy.redteebot
06/23/2022, 1:00 PMweb framework is fastify
teebot
06/23/2022, 1:01 PMhow can I issue a new session for a specific user?
n
nkshah2
06/23/2022, 1:03 PMIts supposed to work for both subdomains and the domain itself, android has had issues with cookie logic being different that could be the reason
nkshah2
06/23/2022, 1:03 PMWhat do you mean for a specific user?
nkshah2
06/23/2022, 1:04 PMWhat I mean is, does that specific user need to perform some action or do you just want to create a session for them on your backend directly
t
teebot
06/23/2022, 1:07 PMwhat I'm planning to do is open a webview from react-native and transfer its authentication there.
that webview lives on a subdomain. Even if it was in the same domain it does inherit a session cookie from the app so the workaround is : pass the JWT to the webview.
Make the webview post the JWT to an endpoint, verify the JWT and then issue a new Session Cookie for that subdomain.
n
nkshah2
06/23/2022, 1:09 PMAh, so that endpoint that gets sent the JWT would call
createNewSessionnkshah2
06/23/2022, 1:09 PMI assume you have some identifier for the user and you want to do something custom when creating a session for that specific user?
t
teebot
06/23/2022, 1:11 PMyeah
teebot
06/23/2022, 1:11 PMawesome
n
nkshah2
06/23/2022, 1:11 PMSo then you could also override the createNewSession function (https://supertokens.com/docs/session/advanced-customizations/backend-functions-override/usage) and then simply do something custom for that specific user id
45 Views