https://supertokens.com/ logo
#support-questions
Title
# support-questions
b

Biaz

06/24/2022, 5:04 PM
Hello, i need to configure the backend for to accept capcitor://app.id URL and not only http or https. Someone can help me?
r

rp

06/24/2022, 5:10 PM
Hey @Biaz give me sometime. I’ll help
b

Biaz

06/24/2022, 5:14 PM
We set cookieHandler: getCookieHandler, windowHandler: (original) => getWindowHandler(original, config),
As u said to us before. And it works with API on http://localhost:3000 from http://localhost and from capacitor://appId If we use on API: Session.init({ cookieSecure: false, }) From capacitor://appID to https://apiDomain we recive this error: "Since your API and website domain are different, for sessions to work, please use https on your api Domain and don't set cookie Secure to false." If we set cookieSecure: true we cannot call API from capacitor://appID
r

rp

06/24/2022, 6:06 PM
right. So how much have you gotten it to work already?
b

Biaz

06/24/2022, 8:02 PM
Nope
Or better works only on http
It doesn't works with cookieSecure: true -> from capacitor://appID to http://localhost/ or to https://apiurl/
It doesn't works with cookieSecure: false -> from capacitor://appID to https://apiurl/
Works: from capacitor://appID to http:/localhost with cookieSecure: false But I need to call from capacitor://appID to https://apiUrl
r

rp

06/25/2022, 5:14 AM
b

Bort_dev

06/28/2022, 5:11 PM
Hello, We have noticed that both our cookie-handler and window-handler seems to be working properly. The signin API return the header 'Set-Cookie' with the appropriate value, but the header appended to subsequent requests (es. 'auth/user/email/verify') is the following: "Cookie: sIRTFrontend=remove". This situation occurs only for app that is running in a WebView hosted with Capacitor, in normal browser all works fine. I think the problem could be with Supertokens.addAxiosInterceptor() because before the unauthorized response error the cookies exist correctly. Could you help me? Can i use a custom Interceptor to solve this issue?
r

rp

06/28/2022, 5:12 PM
Hmmm. Is there some api request that results in the cookies getting removed?
b

Bort_dev

06/28/2022, 5:35 PM
The cookies seems to be removed after an api responds with status 401
ok, maybe i understand the real problem. IOS app that use capacitor are unable to use the document.cookie with Secure cookies. Is document.cookie used by AxiosInterceptor?? In this case i have to write my custom interceptor to override this behavior to use Http.setCookie by capacitor-communty/http plugin that seems to solve the problem
r

rp

06/28/2022, 6:03 PM
Yeaa. You might want to provide a custom cookie handler then