FlyingFox
01/09/2023, 8:54 AMsendEmail
fn to redirect to /auth/verify
on my API (not the frontend) so that a very basic (non-SPA) HTML page is served to conduct the consumeCode
and validate the login, but of course the cookies end up on that device (eg. a phone browser). What is the best way to poll for the original login request on the original device and to then have the cookies for the authentication tokens sent to the original SPA, as if the consumeCode fn was called on the original browser?
I'm thinking to use consumeCodePOST
to mark my own DB with the user/preAuthSessionId as logged in, and have the original SPA poll my endpoint for validating that, but then how do I get supertokens to send the token data to the SPA in order that the user can become validated on that device? Many thanks for any advice.rp
01/09/2023, 11:10 AMporcellus
01/09/2023, 11:12 AMcreateNewSession
in the polling endpointFlyingFox
01/09/2023, 11:14 AMporcellus
01/09/2023, 11:14 AMFlyingFox
01/09/2023, 11:16 AMpreAuthSessionId
from the createCodePOST override so I can enter that in my DB against the submitted email
?rp
01/09/2023, 11:24 AMporcellus
01/09/2023, 11:24 AMcreateCodePOST
should contain the preAuthSessionId
createCodePOST
consumeCodePOST
that saves the userId
into your DB keyed with the preAuthSessionId
preAuthSessionId
. If it exists you can create a new session and remove the record from your DBFlyingFox
01/09/2023, 11:35 AMporcellus
01/09/2023, 11:41 AMconsumeCode
and the polling endpoint instead of the user.