Hey <@498057949541826571> Following up on the Resp...
# support-questions-legacy
a
Hey @rp_st Following up on the Response issue
r
hey @anujchhabria
let's talk in this thread
please summarise the problem
a
Sure
r
@kakashi_44 can help here
a
The exception occurred while attempting to log: Argument 1 passed to SuperTokens\Helpers\CookieAndHeader::attachAccessTokenToCookie() must be an instance of Illuminate\Http\Response, instance of Illuminate\Http\JsonResponse given, called in /var/www/classcard/vendor/supertokens/supertokens-laravel/src/Http/Middleware.php on line 69 This is the error
Mostly seems to be happening on the refresh
We also do get this on our user api often
The exception occurred while attempting to log: access token missing in cookies
k
Hey @anujchhabria , is the login API working correctly? The one where createNewSession is used. Are the cookies getting set correctly in response for that API?
a
Yep, all working fine on login
cookie is set on the browser without any issue
So to summarize, we have 2 issues: 1. On the user api - after the session has been active for sometime - we get the access token missing in cookies 2. refresh api - Argument 1 passed to SuperTokens\Helpers\CookieAndHeader::attachAccessTokenToCookie() must be an instance of Illuminate\Http\Response, instance of Illuminate\Http\JsonResponse given, called in /var/www/classcard/vendor/supertokens/supertokens-laravel/src/Http/Middleware.php on line 69
k
got it
Is there an part in the code, where a supertokens function is being called and a JSONResponse object is passed?
a
just double checked
does not seem like it
k
okay
How is the refresh route implemented. Can you share code snippet of that part?
a
public function refresh (Request $request) { return ""; }
as per the docs this is what it has to be
k
got it, thanks
are you using JSONResponse in any of your API?
a
yes
in one of the apis we had to, to manage some character encoding
k
the issue can be, after the refresh API is called, it returns with new refresh token and access token. The API that is called right after the refresh API, the new access token is verified and the older refresh token is discarded. This updates the payload of access token. Now because that API might be returning JSONResponse, the issue gets triggered. It makes sense now why it could be happening after the refresh API call
a
I see, how do we work around this?
also - what about this one - 1. On the user api - after the session has been active for sometime - we get the access token missing in cookies
r
@anujchhabria you have two options: - Never use JsonResponse in any API; OR - Fork our laravel repo and remove Response type from places like this: https://github.com/supertokens/supertokens-laravel/blob/master/src/Helpers/CookieAndHeader.php#L106