productdevbook
12/13/2022, 7:09 AMnkshah2
12/13/2022, 7:11 AMproductdevbook
12/13/2022, 7:13 AMts
// Serve the GraphQL handler on `graphqlPath` for both GET and POST requests.
// NOTE(review): confirm the handler refuses mutations sent over GET; when the
// session travels in cookies, a state-changing GET can be triggered cross-site.
server.route({
method: ['GET', 'POST'],
url: graphqlPath,
handler: graphql,
})
rp
12/13/2022, 7:14 AMproductdevbook
12/13/2022, 7:23 AMts
// Ask the SuperTokens core to verify an access token via its session-verify endpoint.
// The `api-key` header is the backend's credential for the core, so this request
// belongs in server-side code only and the key must never reach a browser bundle.
const verifyRequestBody = JSON.stringify({
  accessToken,
  // Both anti-CSRF switches are off. NOTE(review): that is only reasonable when the
  // token does not arrive in a cookie (e.g. it came from an Authorization header) — confirm.
  enableAntiCsrf: false,
  doAntiCsrfCheck: false,
})
// NOTE(review): nothing in this snippet inspects `response`; the caller has to check
// the HTTP status and the returned body before treating the token as valid.
const response = await fetch(`${connectionUri}/recipe/session/verify`, {
  method: 'POST',
  headers: {
    'content-type': 'application/json',
    'api-key': apiKey,
    'rid': 'session',
  },
  body: verifyRequestBody,
})
https://app.swaggerhub.com/apis/supertokens/CDI/2.16.2#/Session%20Recipe/verifySession
used thank yourp
12/13/2022, 7:25 AMproductdevbook
12/13/2022, 7:29 AMts
// Invoke the verifySession middleware by hand with the request/reply pair and a callback.
// NOTE(review): the third argument is presumably the middleware's `next` callback, so
// `res` is likely an error (or undefined) rather than a response — confirm.
// The callback only logs; nothing here rejects the request when verification fails.
verifySession()(ctx.req, ctx.reply, (res) => {
console.log(res)
})
thats true ?rp
12/13/2022, 7:30 AMproductdevbook
12/13/2022, 7:33 AMTypeError: Cannot read properties of undefined (reading 'wrapperUsed')
rp
12/13/2022, 7:34 AMproductdevbook
12/13/2022, 7:34 AMts
// Debug probe: load the session for the current request and print its user id.
try {
  const activeSession = await Session.getSession(ctx.req, ctx.res)
  if (activeSession === undefined) {
    throw new Error('Should never come here')
  }
  console.log(activeSession.getUserId(), 'aaa')
}
catch (failure) {
  // NOTE(review): the failure is only logged, so any code placed after this block
  // keeps running without a verified session. A real handler should reject the
  // request here instead of falling through.
  console.log(failure, 'aaa')
}
rp
12/13/2022, 7:34 AMctx.req
and cts.res
?productdevbook
12/13/2022, 7:35 AMrp
12/13/2022, 7:36 AMproductdevbook
12/13/2022, 7:40 AMrp
12/13/2022, 7:40 AMproductdevbook
12/13/2022, 7:44 AMSessionError: Session does not exist. Are you sending the session tokens in the request as cookies?
rp
12/13/2022, 7:45 AMgetSession
and verifySession
functions only work for our sAccessToken cookieproductdevbook
12/13/2022, 7:49 AMrp
12/13/2022, 7:50 AMsAccessToken
and sIdRefreshToken
are required. In that case, you don't need to send the authorization bearer token
productdevbook
12/13/2022, 7:56 AMts
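// JWKS client used to look up the public keys that sign the JWTs.
// NOTE(review): a plain-http localhost URI is a development value. Keys fetched over
// http can be replaced in transit, so use an https endpoint outside local development.
const client = jwksClient({
  jwksUri: 'http://localhost:3001/auth/jwt/jwks.json',
})

/**
 * Key-lookup callback for `JsonWebToken.verify`: resolves the public key whose
 * `kid` matches the token header.
 *
 * A failed lookup is reported through `callback` rather than dereferencing a
 * missing key, so an unknown `kid` or an unreachable JWKS endpoint surfaces as a
 * verification error instead of a TypeError thrown inside the lookup callback.
 *
 * @param header - Decoded JWT header; only `kid` is read.
 * @param callback - Receives either the lookup error or the PEM public key.
 */
function getKey(header: JwtHeader, callback: SigningKeyCallback) {
  client.getSigningKey(header.kid, (err, key) => {
    if (err || !key) {
      callback(err ?? new Error('No signing key found for token kid'))
      return
    }
    callback(null, key.getPublicKey())
  })
}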
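// Debug only: this prints the raw bearer token. Remove it before the code runs
// anywhere that logs are retained or shared.
console.log(token, 'token')
// Verify the signature against the JWKS-provided key. The accepted algorithm is
// pinned to RS256 (the `alg` carried by the tokens on this page) instead of being
// left to library defaults.
// NOTE(review): issuer and audience are not checked here — add them if the token
// is accepted from anywhere other than this app's own auth server.
JsonWebToken.verify(token, getKey, { algorithms: ['RS256'] }, (err, decoded) => {
  if (err) {
    // A failed verification must not be treated as a decoded (trusted) token.
    console.log(err, 'jwt verification failed')
    return
  }
  console.log(decoded, 'decoded')
})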
rp
12/13/2022, 7:56 AMproductdevbook
12/13/2022, 7:57 AMrp
12/13/2022, 7:58 AMproductdevbook
12/13/2022, 7:58 AMeyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0=.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.PCde9q7C173dbbR17ICZu2lgtp/rPpHWvMinF5rbhAS+YFfOCcopvjQImLPjKCH2zOZPO/wRPk2n7FTvAJo42kpWg0RGiv9X7MYA5UCYwylYCJZI6zGZvJi2te1XV+MU2hAMuuM5TbcwdHWmPVFCAl5PtfMAH7R8UpnBei4cma0TZN1nRsK73hesQsVHSknDBOw4dYDBCRRfz78Fi1GnBYU9XMpf1e/WTcDfMMq1WZI31NnmzYVIsH6o7EBKM3g+eat3O2P+6hFTKlp7fafA2xqb+gFFJqd+SqiHOlX2peCQpRc0PDDFp/zgADVhAXHbug1cc4b5vjjOAtUdDY5JiQ==
rp
12/13/2022, 7:59 AMproductdevbook
12/13/2022, 8:01 AMrp
12/13/2022, 8:01 AMproductdevbook
12/13/2022, 8:02 AMrp
12/13/2022, 8:02 AMproductdevbook
12/13/2022, 8:02 AMts
// Extract a bearer token from the Authorization header, when one is present,
// and pass it to verifyToken.
// NOTE(review): verifyToken's result is neither awaited nor checked here. It is
// awaited elsewhere on this page, so it is presumably async: a rejection would go
// unhandled and the request would continue regardless — confirm. Requests without
// the header skip verification entirely.
if (ctx.headers.authorization) {
  const rawHeader = ctx.headers.authorization
  // A repeated header may arrive as an array; only the first value is considered.
  const headerValue = Array.isArray(rawHeader) ? rawHeader[0] : rawHeader
  const pieces = headerValue.split(' ')
  // Accept exactly "<scheme> <token>" with a case-sensitive "Bearer" scheme.
  const isBearer = pieces.length === 2 && pieces[0] === 'Bearer'
  if (isBearer) {
    verifyToken(pieces[1])
  }
}
and backrp
12/13/2022, 8:03 AMproductdevbook
12/13/2022, 8:03 AMrp
12/13/2022, 8:03 AMproductdevbook
12/13/2022, 8:04 AMrp
12/13/2022, 8:04 AMproductdevbook
12/13/2022, 8:30 AMts
// Turns on the session recipe's JWT option.
// NOTE(review): elsewhere on this page a JWT is read from the access-token payload and
// checked against /auth/jwt/jwks.json; presumably this flag is what enables both — confirm.
Session.init({
jwt: {
enable: true,
},
}),
and loginrp
12/13/2022, 8:33 AMproductdevbook
12/13/2022, 8:37 AMconst jwt = await Session.getAccessTokenPayloadSecurely().jwt
only get jwteyJraWQiOiIwNzI1MGU3OC03ZjM5LTRmMTktYjZhZC1lYjBlY2ZhYjZiMjEiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJmZTFkZDY4Yy02Nzc1LTQzNWItYTY5OC1jMWI0ZTI5OTU3MDIiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjMwMDEvYXV0aCIsImV4cCI6MTY3MDkyMzg2MywiaWF0IjoxNjcwOTIwMjMyfQ.faEnRZMQDV_OpGb0B8hWJZNd8YmaRBWPIiVP5VSrrud6db92htxTKza7PiAAYGfFE6jzBr_EILy3PEXGwpVGzisaERqcyi09nCIwjngDhuW9S8HCsjKpwW75EWyylUAYtsYsa63ggnyGBhP2r9NOlrSb92OwrYT_eNRe-EFZjLbkXsh69NNZAhngzqnNBf3o6G2zEpqLsq3UmL8P_321fKDL6T1cZj3J_4bdPsmwwmruOqtxHgEGsulokUx_IMBhE_oqzTTKPYhnSMF9JGZaaX2kaZ50Mx8uLkBcQwEyMthsJZ-pmH9MUH75azXG_t6TaX5vxkUa8MCmIjSogoh1eg
thisrp
12/13/2022, 8:42 AMproductdevbook
12/13/2022, 9:31 AMgetAccessTokenPayloadSecurely
jwt save cookie ?rp
12/13/2022, 9:34 AMproductdevbook
12/13/2022, 9:35 AMrp
12/13/2022, 9:36 AMproductdevbook
12/13/2022, 9:36 AMrp
12/13/2022, 9:36 AMproductdevbook
12/13/2022, 9:36 AMrp
12/13/2022, 9:37 AMproductdevbook
12/13/2022, 9:38 AMrp
12/13/2022, 9:39 AMproductdevbook
12/13/2022, 9:39 AMts
import {
ApolloClient,
InMemoryCache,
createHttpLink,
} from '@apollo/client/core/index.js'
import {
DefaultApolloClient,
provideApolloClient,
} from '@vue/apollo-composable/dist/index.esm.js'
import Session from 'supertokens-web-js/recipe/session'
import SuperTokens from 'supertokens-web-js'
import ThirdPartyEmailPassword from 'supertokens-web-js/recipe/thirdpartyemailpassword'
import { defineNuxtPlugin } from '#app'
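/**
 * Nuxt plugin that initialises SuperTokens once the app is mounted and provides an
 * Apollo client for the GraphQL endpoint.
 *
 * The bearer header is built per request from the current `token` value. Building
 * it once when the link is created would freeze it at the initial empty string,
 * because the token is only filled in later, after the `app:mounted` hook runs and
 * the payload promise resolves.
 */
export default defineNuxtPlugin(async (nuxtApp) => {
  // JWT taken from the session's access-token payload; stays '' until the lookup resolves.
  let token = ''
  console.log('1')
  nuxtApp.hook('app:mounted', async () => {
    console.log('2')
    SuperTokens.init({
      appInfo: {
        apiDomain: 'http://localhost:3001',
        apiBasePath: '/auth',
        appName: 'aa',
      },
      recipeList: [
        Session.init(),
        ThirdPartyEmailPassword.init(),
      ],
    })
    console.log('3')
    Session.getAccessTokenPayloadSecurely()
      .then((payload) => {
        token = payload.jwt
      })
      .catch((error) => {
        // The lookup failed (e.g. no session): keep the token empty so requests go
        // out without a bearer header instead of leaving an unhandled rejection.
        console.log(error, 'access token payload unavailable')
      })
    console.log('4')
  })
  console.log('5')
  // NOTE(review): apiDomain above uses `localhost` while this URI uses `127.0.0.1`.
  // Browsers scope cookies by host, so session cookies set for one are not sent to
  // the other even with credentials: 'include' — confirm which host is intended.
  // NOTE(review): if the backend already verifies the session from cookies, the
  // bearer header is redundant and the JWT need not be exposed to page scripts — confirm.
  const httpLink = createHttpLink({
    credentials: 'include',
    uri: 'http://127.0.0.1:3001/graphql',
    // Read `token` on every request so a value set after the link was created is used.
    fetch: (input, init) => {
      const headers = new Headers(init?.headers)
      // Send no Authorization header at all rather than an empty "Bearer " value.
      if (token)
        headers.set('authorization', `Bearer ${token}`)
      return fetch(input, { ...init, headers })
    },
  })
  const cache = new InMemoryCache()
  let apolloClient: ApolloClient<any>
  if (process.server) {
    console.log('6')
    apolloClient = new ApolloClient({
      ssrMode: true,
      link: httpLink,
      cache,
    })
    // Hand the server-side cache to the client through the Nuxt payload.
    nuxtApp.hook('app:rendered', () => {
      nuxtApp.payload.data.apollo = apolloClient.extract()
    })
  }
  else {
    console.log('7')
    apolloClient = new ApolloClient({
      link: httpLink,
      cache,
      ssrForceFetchDelay: 100,
    })
  }
  provideApolloClient(apolloClient)
  nuxtApp.provide('$apollo', { DefaultApolloClient, apolloClient })
})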
rp
12/13/2022, 9:39 AMproductdevbook
12/13/2022, 9:40 AM9-vue-index
-> index.vue data sendrp
12/13/2022, 9:40 AMSession.getAccessTokenPayloadSecurely().then((payload) => {
token = payload.jwt
})
productdevbook
12/13/2022, 9:45 AMrp
12/13/2022, 9:46 AMproductdevbook
12/13/2022, 9:46 AMSuperTokens.init({
appInfo: {
apiDomain: 'http://localhost:3001',
apiBasePath: '/auth',
appName: 'aaa',
},
recipeList: [
Session.init(),
ThirdPartyEmailPassword.init(),
],
})
rp
12/13/2022, 9:46 AMproductdevbook
12/13/2022, 9:52 AMrp
12/13/2022, 9:52 AMproductdevbook
12/13/2022, 9:54 AMrp
12/13/2022, 9:54 AMproductdevbook
12/13/2022, 9:54 AMrp
12/13/2022, 9:54 AMproductdevbook
12/13/2022, 9:56 AMrp
12/13/2022, 9:56 AMproductdevbook
12/13/2022, 9:56 AMrp
12/13/2022, 9:56 AMproductdevbook
12/13/2022, 9:57 AMrp
12/13/2022, 9:58 AMproductdevbook
12/13/2022, 9:59 AMrp
12/13/2022, 9:59 AMproductdevbook
12/13/2022, 10:03 AMconst session = await Session.getSession(ctx.req, ctx.reply)
await verifyToken(session.getAccessTokenPayload().jwt)
rp
12/13/2022, 10:46 AMverifyToken
at all.. cause Session.getSession
does verification.