Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Title
d
d3adb0y
01/12/2023, 5:27 PMis there a way i can get supertokens working on localhost without having a different website and api domain? initially i was using ngrok domain name in my configuration however im getting another developer involved in this project and i need a way for them to be able to run the entire stack locally without any additional tools
supertokens_python.exceptions.GeneralError: Since your API and website domain are different, for sessions to work, please use https on your apiDomain and don't set cookieSecure to false.r
rp
01/12/2023, 5:51 PMhey @d3adb0y yea, you can use localhost for your websiteDomain value, and either localhost on apiDomain, or something like
https://api.yourapp.comd
d3adb0y
01/12/2023, 5:52 PMdoes that domain need to be routable?
currently trying to use localhost and on refresh im getting 400 response from the API
r
rp
01/12/2023, 5:53 PM> does that domain need to be routable?
What do you mean?
Also, what values have you set for apiDomain and websiteDOmain (on frontend and backend)
d
d3adb0y
01/12/2023, 5:53 PMSuperTokens.init({
appInfo: {
appName: "Virtual Labs API",
apiDomain: "http://localhost:9000",
websiteDomain: "http://localhost:5173",
apiBasePath: "/auth",
websiteBasePath: "/auth"
},
recipeList: [
Passwordless.init({
useShadowDom: false,
contactMethod: "EMAIL"
}),
Session.init()
]
});am using the same api and website domain values on the backend
r
rp
01/12/2023, 5:54 PMyea. this should work just fine
d
d3adb0y
01/12/2023, 5:54 PMon the python backend
do i need to set these params
session.init(cookie_same_site="lax", cookie_secure=False)r
rp
01/12/2023, 5:54 PMif you visit he refresh API on your browser, it should give you a 404 though. Cause the refresh API is only a POST and not GET
you can remove hte cookie_same_site and cookie_secure params. We set those automatically based on apiDomain and websiteDOmain
d
d3adb0y
01/12/2023, 5:56 PM"OPTIONS /auth/session/refresh HTTP/1.1" 400
i just see 400 response from the API now
on refresh
r
rp
01/12/2023, 5:56 PMright.. you shuold see how you have configured CORS on your backend.
CORS sending a 400 means something is wrong with the CORS middleware.
d
d3adb0y
01/12/2023, 5:57 PMoh duh
forgot to change those values