https://supertokens.com/ logo
Join Discord
Powered by
Hi, do I need to use verifySession in my APIs even...
# support-questions-legacy
a
Hi, do I need to use verifySession in my APIs even if the lambda authorizer is run before that?
r
Hey! You don’t
a
How can I get the session instance?
r
You don’t get the session instance in your lambda function. You lambda authoriser only sends the userId to the lambda function.
You can also make it send the session handle if you like and then in your lambda function you can use the sessionHandle to do operations on the session.
Alternatively, you don’t need to use lamda authorisers at all and can directly use the verifySession in your lambda functions.
And that will give you the session object
a
Now I understand, thank you very much.
To do session operation should I use Session.getSessionInformation?
r
Do you have the session instant or just the sessionHandle?
a
I have the sessionHandle, I'm getting it by the context that the authorizer sends
r
Instance *
Right. So you can use that function. Sure
There r a bunch of functions you can use
a
My intention is to use updateAccessTokenPayload
r
Cool. there is a Session.updateAccessTokenPayload function too
a
Oh it's true I see, thanks again
r
The one thing to keep in mind is that calling that with the sessionHandle will update the accessTokenPayload on the frontend only after a session refresh
If you want the frontend to have the change immediately, then you wanna use the verifySession function in the lambda function (without putting the lambda authoriser in the middle)
a
Can I use verifySession even with lambda authorizer?
r
I’m not sure. You can try it. But in the lambda authoriser, you don’t need to call the verifySession then. Just make it do a no-op function or something.
a
I assume it works, I'm testing it and let you know if it works
Yes, it worked. The authorizer runs before the lambda so it works normally.
Thanks! You have helped me a lot, congratulations for the support
3 Views
PreviousNext
Powered by