It seems like the post login token ingestion confirmation is SuperTokens.com #support-questions

It seems like the post-login token ingestion / con...

qoby

07/11/2022, 2:06 PM

It seems like the post-login token ingestion / confirmation isn't working, I'm presuming its because we're using HashRouter (routes are /#/foo). Has anyone had this problem?

07/11/2022, 2:07 PM

Hey @qoby what do you mean by "post-login token ingestion" ?

07/11/2022, 2:07 PM

Are you talking about passwordless magic link?

qoby

07/11/2022, 2:07 PM

yeah, exactly

07/11/2022, 2:12 PM

I see. So the issue is that it's not routing to the right page? Or that it's not being able to pick up the right code from the URL?

07/11/2022, 2:14 PM

So we have an example app (that uses electron) that uses a hashrouter. https://github.com/supertokens/supertokens-auth-react/tree/master/examples/with-thirdpartypasswordless-electron

07/11/2022, 2:15 PM

Are you using react on the frontend or somethign else?

07/11/2022, 2:15 PM

@nkshah2 can help here.

qoby

07/11/2022, 2:30 PM

Thanks @rp – yeah, its React with react-router-dom. It ends up with a blank screen on /#/auth/verify and doesn't forward off to any other urls

nkshah2

07/11/2022, 2:33 PM

Right, so the problem here is that the SDK uses the location hash for passwordless in the magic link flow But because the hash router has the path as part of the URL hash, the SDK logic fails. When you initialise SuperTokens you can pass custom handlers for the Window API to handle this You can use the logic from this file: https://github.com/supertokens/supertokens-auth-react/blob/master/examples/with-thirdpartypasswordless-electron/src/windowHandler.ts And then pass that when calling

SuperTokens.init

similar to

Copy code

SuperTokens.init({
    // ...
    windowHandler: getWindowHandler, // Refer to src/windowHandler.ts
    // ...
});

nkshah2

07/11/2022, 2:36 PM

Out of curiosity, what is the full URL of the /auth/verify page where you get stuck?

qoby

07/11/2022, 2:39 PM

Thanks @nkshah2, I'll take a look https://localhost:3000/verify?rid=passwordless&preAuthSessionId=code=#code

qoby

07/11/2022, 2:39 PM

thats the link in the email

nkshah2

07/11/2022, 2:40 PM

Right, whats the

apiBasePath

set to for both your frontend and backend?

nkshah2

07/11/2022, 2:41 PM

If you arent sure what that is, you can send the

appInfo

object you pass when calling SuperTokens init on the backend and frontend

qoby

07/11/2022, 2:41 PM

apiBasePath or web base? /auth

nkshah2

07/11/2022, 2:41 PM

apiBasePath

nkshah2

07/11/2022, 2:42 PM

Right so the URL should look like this https://localhost:3000/auth/verify?rid=passwordless&preAuthSessionId=123&code=#1234

qoby

07/11/2022, 2:46 PM

I think that's right – I messed it up trying to push a hash into the web base path, since it was linking /auth/verify and not /#/auth/verify

qoby

07/11/2022, 3:00 PM

That might be a minor bug, websiteBasePath: /#/auth yields a /verify link in email, but websiteBasePath: /auth yields /auth/verify

07/11/2022, 3:07 PM

Hmm. That’s odd. Can you open an issue about that please?

07/11/2022, 3:08 PM

Also, you should keep the websiteBasePath without a hash

07/11/2022, 3:08 PM

And then override the function that’s sends the email to inject a hash in the final URL that goes in the email

07/11/2022, 3:11 PM

Then on the frontend, you want to override the windowHandler on the frontend to get the code from the url correctly as seen here: https://github.com/supertokens/supertokens-auth-react/blob/master/examples/with-thirdpartypasswordless-electron/src/windowHandler.ts

qoby

07/11/2022, 3:21 PM

@nkshah2 just looking through that code, why not unhash with something like: new URL(window.location.hash.substring(1), window.location.origin)

nkshah2

07/11/2022, 3:22 PM

No specific reason, just wanted to keep it simple for an example app

qoby

07/11/2022, 3:24 PM

I'm probably missing something obvious, but I think it can be rewritten like getSearch() { return (new URL(window.location.hash.substring(1), window.location.origin)).search; }, getHash() { return (new URL(window.location.hash.substring(1), window.location.origin)).hash; }, getPathName() { return (new URL(window.location.hash.substring(1), window.location.origin)).pathname; },

nkshah2

07/11/2022, 3:27 PM

Yeah that should work

qoby

07/11/2022, 4:07 PM

@rp you mentioned "override the function that sends the email", are you talking about

recipeList smsDelivery.override.sendSms

07/11/2022, 4:08 PM

There is also emailDelivery.override.sendEmail. Use that one

qoby

07/11/2022, 4:08 PM

oops yes, thank you

qoby

07/11/2022, 4:10 PM

Do you know if there are any examples of custom urlWithLinkCode in github? I'm looking but not finding much

qoby

07/11/2022, 4:10 PM

nor in docs

nkshah2

07/11/2022, 4:15 PM

Do you mean an example of returning a custom urlWithLinkCode for the email?

qoby

07/11/2022, 4:20 PM

yeah, is that the right idea?

07/11/2022, 4:21 PM

What do you want to do?

07/11/2022, 4:21 PM

If I understand, you want to modify the magic link to inject the hash right?

qoby

07/11/2022, 4:24 PM

Right, based on your advice above

07/11/2022, 4:24 PM

If yes, you can do it like this;

Copy code

ts
Passwordless.init({
    emailDelivery: {
        override: (oI) => {
            return {
                ...oI,
                sendEmail: async function (input) {
                    let magicLink = input.urlWithLinkCode // this is like {websiteDomain}/{websiteBasePath}/verify#<one time use code>
                    // you can parse the URL using the URL lib and modify the link however you like
                    // and then you can assign it back to input
                    input.urlWithLinkCode = magicLink
                    return oI.sendEmail(input);
                }
            }
        }
    }
})

07/11/2022, 4:25 PM

So you can break down the link into domain and path. Then reform it with a

in the middle (so that the hash router understands it)

qoby

07/11/2022, 4:31 PM

thank you!

2 Views

Previous Next