Hi,
We're authenticating our react app with super...
# generalt
teebot
07/05/2022, 12:13 PMHi,
We're authenticating our react app with supertokens react components successfully from SUBDOMAIN.DOMAIN.COM where our frontend lives and where the cookie is also set. Our main API and supertokens fastify middleware live on DOMAIN.COM/API and correctly set cookie and validate the requests
The problem we have is that we have another authentication flow where customers will get a new supertokens cookie from DOMAIN.COM, they are supposed to be authenticated but the react auth component does not recognize it. Would you have a cue on how we could solve that?
r
rp_st
07/05/2022, 12:29 PMhey @teebot
rp_st
07/05/2022, 12:30 PMSo you essentially want to share the session across SUBDOMAIN.DOMAIN.COM and DOMAIN.COM (both frontend) right?
t
teebot
07/05/2022, 12:30 PMDOMAIN.COM is API only
teebot
07/05/2022, 12:31 PMfor additional context we need to authenticate users from a react native app to a webview
teebot
07/05/2022, 12:31 PMso what we made is a redirect that takes the JWT as input , creates a new session and sets the cookie in the redirect
r
rp_st
07/05/2022, 12:32 PMSo i don't think i am understanding the problem clearly
t
teebot
07/05/2022, 12:32 PMthe webview has the react web auth supertokens component
r
rp_st
07/05/2022, 12:32 PMright, and that web view's URL is?
t
teebot
07/05/2022, 12:32 PMSUDOMAIN.DOMAIN.COM
teebot
07/05/2022, 12:32 PMafter being redirected that is
r
rp_st
07/05/2022, 12:33 PMi see. So the session is not being created for SUDOMAIN.DOMAIN.COM? Which API is it querying?
t
teebot
07/05/2022, 12:34 PMthe API and supertokens fastify middleware live on DOMAIN.COM
teebot
07/05/2022, 12:34 PMboth for the react native app and for the webview loading the react webapp
r
rp_st
07/05/2022, 12:35 PMSo the session between SUDOMAIN.DOMAIN.COM and DOMAIN.COM is not working?
t
teebot
07/05/2022, 12:35 PMapparently indeed
r
rp_st
07/05/2022, 12:35 PMright
t
teebot
07/05/2022, 12:36 PMwe tried settings cookieDomain to a wildcard like .DOMAIN.COM but that created issues with some users not being able to refresh their token (Android)
r
rp_st
07/05/2022, 12:36 PMhmm
t
teebot
07/05/2022, 12:37 PMif you want I can quickly show you a little demo
r
rp_st
07/05/2022, 12:37 PMyea please do
t
teebot
07/05/2022, 12:37 PMwith a screencast
teebot
07/05/2022, 12:37 PMok I'll DM it to you in a minute
r
rp_st
07/05/2022, 12:37 PMrp_st
07/05/2022, 12:37 PMYou can join the call and we can debug there
rp_st
07/05/2022, 12:37 PMeasier
rp_st
07/05/2022, 7:18 PMHey @teebot did the issue get resolved?
t
teebot
07/05/2022, 9:10 PMhey, thx for asking but not yet, it seems the cookie is still not picked up somehow. will dig further
teebot
07/05/2022, 9:11 PMwe see the set-cookie from the response to the client side call to API but it's still not being interpreted as logged in
r
rp_st
07/06/2022, 3:52 AMHmmm. Can you enable debug logs on the frontend and backend and show me the output when this api call is made? And also a screenshot of the set-cookie header as seen on chrome
14 Views