https://supertokens.com/ logo
Title
a

anujchhabria

12/28/2022, 7:00 AM
Hey @rp Following up on the Response issue
r

rp

12/28/2022, 7:01 AM
hey @anujchhabria
let's talk in this thread
please summarise the problem
a

anujchhabria

12/28/2022, 7:01 AM
Sure
r

rp

12/28/2022, 7:01 AM
@kakashi_44 can help here
a

anujchhabria

12/28/2022, 7:01 AM
The exception occurred while attempting to log: Argument 1 passed to SuperTokens\Helpers\CookieAndHeader::attachAccessTokenToCookie() must be an instance of Illuminate\Http\Response, instance of Illuminate\Http\JsonResponse given, called in /var/www/classcard/vendor/supertokens/supertokens-laravel/src/Http/Middleware.php on line 69 This is the error
Mostly seems to be happening on the refresh
We also do get this on our user api often
The exception occurred while attempting to log: access token missing in cookies
k

kakashi_44

12/28/2022, 7:04 AM
Hey @anujchhabria , is the login API working correctly? The one where createNewSession is used. Are the cookies getting set correctly in response for that API?
a

anujchhabria

12/28/2022, 7:04 AM
Yep, all working fine on login
cookie is set on the browser without any issue
So to summarize, we have 2 issues: 1. On the user api - after the session has been active for sometime - we get the access token missing in cookies 2. refresh api - Argument 1 passed to SuperTokens\Helpers\CookieAndHeader::attachAccessTokenToCookie() must be an instance of Illuminate\Http\Response, instance of Illuminate\Http\JsonResponse given, called in /var/www/classcard/vendor/supertokens/supertokens-laravel/src/Http/Middleware.php on line 69
k

kakashi_44

12/28/2022, 7:06 AM
got it
Is there an part in the code, where a supertokens function is being called and a JSONResponse object is passed?
a

anujchhabria

12/28/2022, 7:13 AM
just double checked
does not seem like it
k

kakashi_44

12/28/2022, 7:19 AM
okay
How is the refresh route implemented. Can you share code snippet of that part?
a

anujchhabria

12/28/2022, 7:24 AM
public function refresh (Request $request) { return ""; }
as per the docs this is what it has to be
k

kakashi_44

12/28/2022, 7:32 AM
got it, thanks
are you using JSONResponse in any of your API?
a

anujchhabria

12/28/2022, 7:39 AM
yes
in one of the apis we had to, to manage some character encoding
k

kakashi_44

12/28/2022, 9:26 AM
the issue can be, after the refresh API is called, it returns with new refresh token and access token. The API that is called right after the refresh API, the new access token is verified and the older refresh token is discarded. This updates the payload of access token. Now because that API might be returning JSONResponse, the issue gets triggered. It makes sense now why it could be happening after the refresh API call
a

anujchhabria

12/28/2022, 9:43 AM
I see, how do we work around this?
also - what about this one - 1. On the user api - after the session has been active for sometime - we get the access token missing in cookies
r

rp

12/28/2022, 10:25 AM
@anujchhabria you have two options: - Never use JsonResponse in any API; OR - Fork our laravel repo and remove Response type from places like this: https://github.com/supertokens/supertokens-laravel/blob/master/src/Helpers/CookieAndHeader.php#L106