Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Title
a
anujchhabria
12/28/2022, 7:00 AMHey @rp Following up on the Response issue
r
rp
12/28/2022, 7:01 AMhey @anujchhabria
let's talk in this thread
please summarise the problem
a
anujchhabria
12/28/2022, 7:01 AMSure
r
rp
12/28/2022, 7:01 AM@kakashi_44 can help here
a
anujchhabria
12/28/2022, 7:01 AMThe exception occurred while attempting to log: Argument 1 passed to SuperTokens\Helpers\CookieAndHeader::attachAccessTokenToCookie() must be an instance of Illuminate\Http\Response, instance of Illuminate\Http\JsonResponse given, called in /var/www/classcard/vendor/supertokens/supertokens-laravel/src/Http/Middleware.php on line 69
This is the error
Mostly seems to be happening on the refresh
We also do get this on our user api often
The exception occurred while attempting to log: access token missing in cookies
k
kakashi_44
12/28/2022, 7:04 AMHey @anujchhabria , is the login API working correctly? The one where createNewSession is used. Are the cookies getting set correctly in response for that API?
a
anujchhabria
12/28/2022, 7:04 AMYep, all working fine on login
cookie is set on the browser without any issue
So to summarize, we have 2 issues:
1. On the user api - after the session has been active for sometime - we get the access token missing in cookies
2. refresh api - Argument 1 passed to SuperTokens\Helpers\CookieAndHeader::attachAccessTokenToCookie() must be an instance of Illuminate\Http\Response, instance of Illuminate\Http\JsonResponse given, called in /var/www/classcard/vendor/supertokens/supertokens-laravel/src/Http/Middleware.php on line 69
k
kakashi_44
12/28/2022, 7:06 AMgot it
Is there an part in the code, where a supertokens function is being called and a JSONResponse object is passed?
a
anujchhabria
12/28/2022, 7:13 AMjust double checked
does not seem like it
k
kakashi_44
12/28/2022, 7:19 AMokay
How is the refresh route implemented. Can you share code snippet of that part?
a
anujchhabria
12/28/2022, 7:24 AMpublic function refresh (Request $request) {
return "";
}
as per the docs this is what it has to be
k
kakashi_44
12/28/2022, 7:32 AMgot it, thanks
are you using JSONResponse in any of your API?
a
anujchhabria
12/28/2022, 7:39 AMyes
in one of the apis we had to, to manage some character encoding
k
kakashi_44
12/28/2022, 9:26 AMthe issue can be, after the refresh API is called, it returns with new refresh token and access token. The API that is called right after the refresh API, the new access token is verified and the older refresh token is discarded. This updates the payload of access token. Now because that API might be returning JSONResponse, the issue gets triggered. It makes sense now why it could be happening after the refresh API call
a
anujchhabria
12/28/2022, 9:43 AMI see, how do we work around this?
also - what about this one - 1. On the user api - after the session has been active for sometime - we get the access token missing in cookies
r
rp
12/28/2022, 10:25 AM@anujchhabria you have two options:
- Never use JsonResponse in any API; OR
- Fork our laravel repo and remove Response type from places like this: https://github.com/supertokens/supertokens-laravel/blob/master/src/Helpers/CookieAndHeader.php#L106