What could be the culprit?
# support-questions-legacyw
wdjzr
07/02/2022, 5:58 PMWhat could be the culprit?
wdjzr
07/02/2022, 5:58 PMEverything else works, like signin, protected api routes etc
r
rp_st
07/02/2022, 5:59 PMHmmm
rp_st
07/02/2022, 5:59 PMCan you enable debug logging on the backend and show the logs for the refresh API?
w
wdjzr
07/02/2022, 6:00 PMI delete the access token cookie and try an api route, after I get a 401, my refresh token and other cookies get deleted
wdjzr
07/02/2022, 6:00 PMSure, let me do that
wdjzr
07/02/2022, 6:03 PMThis is the relevant part
wdjzr
07/02/2022, 6:04 PMr
rp_st
07/02/2022, 6:05 PMright. So it's possible that nginx is not forwarding the refresh token cookie to the server?
w
wdjzr
07/02/2022, 6:06 PMThe client gets the refresh token for sure, I am not sure if it gets back to server
wdjzr
07/02/2022, 6:06 PMBut after the 401, all of my cookies get deleted
r
rp_st
07/02/2022, 6:06 PMcan i see the request headers being sent from the browser?
rp_st
07/02/2022, 6:07 PMwhen the refresh API call is made
w
wdjzr
07/02/2022, 6:07 PMwdjzr
07/02/2022, 6:08 PMMm yea
r
rp_st
07/02/2022, 6:08 PMhmm the refresh token is missing
w
wdjzr
07/02/2022, 6:08 PMsIdrefresh is there but the token is not
wdjzr
07/02/2022, 6:08 PMWeird
r
rp_st
07/02/2022, 6:08 PMcan you logout, login and try again?
rp_st
07/02/2022, 6:08 PMmaybe you manually deleted the refresh token as well by mistake
w
wdjzr
07/02/2022, 6:09 PMSame outcome
r
rp_st
07/02/2022, 6:09 PMcan i see the response headers in the login API?
w
wdjzr
07/02/2022, 6:09 PMI just deleted the access token
wdjzr
07/02/2022, 6:09 PMSure
wdjzr
07/02/2022, 6:11 PMr
rp_st
07/02/2022, 6:12 PMso the refresh token is being sent
rp_st
07/02/2022, 6:12 PMi mean the client is getting it
w
wdjzr
07/02/2022, 6:12 PMYes, its there
r
rp_st
07/02/2022, 6:12 PMthe path that it will be sent to is
/api/auth/session/refreshrp_st
07/02/2022, 6:12 PMdoes that match the refresh API path? When that API is being called?
w
wdjzr
07/02/2022, 6:13 PMYes
wdjzr
07/02/2022, 6:13 PMWell actually, to /backend/api/auth/session/refresh
wdjzr
07/02/2022, 6:14 PMBut that /backend part is the nginx proxy
r
rp_st
07/02/2022, 6:14 PMright.. so that's the issue
w
wdjzr
07/02/2022, 6:14 PMThe login, signout also goes thru that
r
rp_st
07/02/2022, 6:14 PMwhats the apiBasePath that you have set on the frontend?
w
wdjzr
07/02/2022, 6:15 PM/backend/api/auth
r
rp_st
07/02/2022, 6:15 PMand on the backend?
w
wdjzr
07/02/2022, 6:15 PMbase path is /api/auth and api domain is
APIDomain: "https://localhost/backend"wdjzr
07/02/2022, 6:16 PMAhhh
wdjzr
07/02/2022, 6:16 PMLet me try localhost as the domain and backend/api as the path
wdjzr
07/02/2022, 6:18 PMNow I just get 404s, login stopped working too
wdjzr
07/02/2022, 6:20 PMI will try frontend domain with localhost/backend
wdjzr
07/02/2022, 6:20 PMI guess that may work
r
rp_st
07/02/2022, 6:20 PMactually, the apiBasePath should be /api/auth, but add another config called apiGatewayPath which should be
/backendw
wdjzr
07/02/2022, 6:21 PMFor frontend or backend?
r
rp_st
07/02/2022, 6:21 PMbackend
w
wdjzr
07/02/2022, 6:21 PMThis is also kinda weird, let me show you this
wdjzr
07/02/2022, 6:22 PMNow I set apiDomain: "https://localhost/backend",
on frontend and the basePath is /api/auth
wdjzr
07/02/2022, 6:22 PMBut the sdk is making requests to localhost/api/... instead
wdjzr
07/02/2022, 6:25 PMIt makes sense if it only accepts domains without paths
wdjzr
07/02/2022, 6:25 PMTrying this now
wdjzr
07/02/2022, 6:26 PMIt worked! ❤️
r
rp_st
07/02/2022, 6:26 PMok great!
w
wdjzr
07/02/2022, 6:26 PMSorry for bruteforcing the solution
wdjzr
07/02/2022, 6:26 PMDid not see the apigateway in the guides but I shouldve just checked the struct in the SDK
wdjzr
07/02/2022, 6:26 PMThanks a lot ❤️
r
rp_st
07/02/2022, 8:01 PM6 Views