https://supertokens.com/ logo
#support-questions
Title
# support-questions
t

turbosepp

01/16/2023, 1:26 PM
Hello! Got supertokens running in production in combination with Hasura and an Angular Frontend. Everything works except one thing: The Frontend sends a request to /auth/session/refresh every 3 seconds that returns with a 404. This fills up my logs and can't be too good. Can you give ma any help on that? What information do you need?
r

rp

01/16/2023, 1:28 PM
hey @turbosepp
404 or 401?
t

turbosepp

01/16/2023, 1:28 PM
404
r

rp

01/16/2023, 1:29 PM
can you enable backend debug logs and show me the output when this API is called? Also, does it work in dev?
t

turbosepp

01/16/2023, 1:31 PM
To be honest, no dev-env currently availabe as dev had to became prod fast 😉 ...but there should be in some days. I'll try to get the backend logs... one moment
{"type":"http-log","timestamp":"2023-01-16T13:37:48.382+0000","level":"error","detail":{"operation":{"error":{"path":"$","error":"resource does not exist","code":"not-found"},"request_id":"13573d63-9de9-45d0-bd46-03aae1650ee5","response_size":65,"request_mode":"error","raw_query":""},"request_id":"13573d63-9de9-45d0-bd46-03aae1650ee5","http_info":{"status":404,"http_version":"HTTP/1.1","url":"/auth/session/refresh","ip":"172.19.0.1","method":"POST","content_encoding":null}}}
This is from the hasura logs. It's sending this refresh request there. This is right?
In my understanding it should go to the supertokens express-server we set up instead. Or am I wrong?
r

rp

01/16/2023, 2:01 PM
it should go to supertokens express server indeed
what is the apiDomain that you have set on the frontend? Does it point to the express server?
t

turbosepp

01/16/2023, 2:40 PM
Ahh... seems like this is the thing. I thought with "apiDomain" the backend-API is meant, not the supertokens-server
r

rp

01/16/2023, 2:40 PM
well, it's not the supertokens core server. It's the api's domain in which you have integrated our backend SDK
t

turbosepp

01/16/2023, 2:41 PM
"the URL of your app's API path"
hmmm
r

rp

01/16/2023, 2:41 PM
it should point to the "supertokens express-server" that you had setup
t

turbosepp

01/16/2023, 2:42 PM
yes I understand. But in the express-server there should be the same for "apiDomain" right?
r

rp

01/16/2023, 2:43 PM
yes
apiDomain on frontend and backend should be set to the same value
t

turbosepp

01/16/2023, 2:44 PM
Ok thanks
But then I wonder why this all worked in the first place
r

rp

01/16/2023, 2:45 PM
yea.. im wondering the same thing
are you using our pre built UI?
t

turbosepp

01/16/2023, 2:46 PM
No, got an already built UI for login/register in the frontend and connected this to supertokens
Hmmm... was some time ago so I have to check that code again
r

rp

01/16/2023, 2:47 PM
hmm ok
were you making sign in calls to the backend via fetch / axios or via our web-js SDK?
t

turbosepp

01/16/2023, 2:50 PM
I'm looking into it right now... one moment
Ok, so it looks like the signin and signup-POST-calls are via the angular httpClient package ...going to /auth/singin and /auth/signup
r

rp

01/16/2023, 2:56 PM
right. That's why it was all working before.
So you need to change the apiDomain on the frontend and backedn to point to the same domain on which signin, signup are being called.
t

turbosepp

01/16/2023, 2:57 PM
Yes, it looks like I got a mess with my env-vars and therefore the domains there
but I can keep the implementation with the angular http-calls?
r

rp

01/16/2023, 3:00 PM
yes
t

turbosepp

01/16/2023, 3:00 PM
And it pobably also resolves my troubles getting a https-connection without broken links (to logos) in the browser to "auth/dashboard" right?
as there is the wrong apiDomain put in the express-server
r

rp

01/16/2023, 3:04 PM
what do you mean? The logos on the dashboard are not loading up?
can i see a screenshot, and if you don't mind sharing, which country are you from?
t

turbosepp

01/16/2023, 3:06 PM
Got CORS-errors in the console
r

rp

01/16/2023, 3:06 PM
i see. Can i see the console logs?
t

turbosepp

01/16/2023, 3:06 PM
Die Ressource unter "https://raw.githubusercontent.com/supertokens/supertokens-logo/master/logo/ST_full_logo_dark_theme.svg" wurde aufgrund ihres Cross-Origin-Resource-Policy-Headers (oder dessen Fehlens) blockiert. Weitere Informationen unter https://developer.mozilla.org/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)# dashboard
r

rp

01/16/2023, 3:07 PM
thanks. We will fix that.
It's got nothing to do with the apiDomain misconfig.
t

turbosepp

01/16/2023, 3:07 PM
Ah ok! Good to know
I would probably have took more time on that 😉
thanks for your help @rp !
r

rp

01/16/2023, 3:08 PM
happy to help 🙂
t

turbosepp

01/16/2023, 3:09 PM
👍