mjmonupwego
02/11/2023, 11:45 AMSessionError: Session does not exist. Are you sending the session tokens in the request as cookies?
at Object.<anonymous> (/Volumes/Development/a4t/a4t-auth-api/node_modules/supertokens-node/lib/build/recipe/session/recipeImplementation.js:159:27)
at Generator.next (<anonymous>)
at /Volumes/Development/a4t/a4t-auth-api/node_modules/supertokens-node/lib/build/recipe/session/recipeImplementation.js:30:75
at new Promise (<anonymous>)
at __awaiter (/Volumes/Development/a4t/a4t-auth-api/node_modules/supertokens-node/lib/build/recipe/session/recipeImplementation.js:12:16)
at Object.getSession (/Volumes/Development/a4t/a4t-auth-api/node_modules/supertokens-node/lib/build/recipe/session/recipeImplementation.js:139:20)
at Object.<anonymous> (/Volumes/Development/a4t/a4t-auth-api/node_modules/supertokens-node/lib/build/recipe/session/index.js:156:55)
at Generator.next (<anonymous>)
at /Volumes/Development/a4t/a4t-auth-api/node_modules/supertokens-node/lib/build/recipe/session/index.js:44:75
at new Promise (<anonymous>) {
type: 'UNAUTHORISED',
payload: { clearCookies: false },
errMagic: 'ndskajfasndlfkj435234krjdsa',
fromRecipe: 'session'
}
Has anyone managed to get a setup similar to this working, and if so, could you give some pointers?rp_st
02/11/2023, 12:14 PMrp_st
02/11/2023, 12:16 PMmjmonupwego
02/11/2023, 3:35 PMverify headers {
host: 'docker.for.mac.localhost:4000',
'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36',
accept: '*/*',
'accept-encoding': 'gzip, deflate, br',
'accept-language': 'en-US,en;q=0.9',
'cache-control': 'max-age=0',
'content-type': 'application/json',
cookie: 'sIdRefreshToken=7b99718d-9393-491c-947f-0c1d47d5614c; sAccessToken=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsInZlcnNpb24iOiIyIn0%3D.eyJzZXNzaW9uSGFuZGxlIjoiZjgzNmM2NWYtMTNmMS00ODdmLTlkMzItNjU2NjUyOGUxZjc2IiwidXNlcklkIjoiYTY1MzFkZWUtMzc5Mi00OWMwLTg3N2ItOWNhMGRkYTI4MDBjIiwicmVmcmVzaFRva2VuSGFzaDEiOiIxOWQxM2VjZDUzZjk3NGI1MTEzYzI5ZWM0MTVkMTkzOWE0NDA4YTAwZDgwODg4MDkyNTBiZjFjYjQxZWNjNDZkIiwicGFyZW50UmVmcmVzaFRva2VuSGFzaDEiOm51bGwsInVzZXJEYXRhIjp7fSwiYW50aUNzcmZUb2tlbiI6bnVsbCwiZXhwaXJ5VGltZSI6MTY3NjEzMjg4MzM5MCwidGltZUNyZWF0ZWQiOjE2NzYxMjkyODMzOTAsImxtcnQiOjE2NzYxMjkyODMyOTB9.b9bHQi3FhyTj84kwaEgts65xeYxvFH6osLg91g6J6txcIHjZNYlJr9P1QS9RzOxAz4JNfyqnbjKvaQC%2Fr%2BhLX7BHs7G0OanOszKpSSFIlZgeuqE44sM1pLFWb7mnouI%2BiJeDLDpAm8YNrg4VsA9y%2F77wgV%2BTvdvs7AKIfmLUMZvGNqtFqVDpBa5LDEr6lQVsFtnFl2%2FLEYiUbYt7jjiFsmXnm%2Bz9uyI43Caa3oTSoWb%2F3aEensxOWCydsNfQgXkDjTEwPeFAGt7brr6YZCyvZ0i4ooqEP8xiWvejL1dt9k5%2BVx61ya35z%2BmYPT2VZ4jJX8iyu4ACQmxSNpBN1BfpeQ%3D%3D',
dnt: '1',
origin: 'http://a4tlocalapp.docker.localhost',
rid: 'anti-csrf',
'sec-ch-ua': '"Chromium";v="109", "Not_A Brand";v="99"',
'sec-ch-ua-mobile': '?0',
'sec-ch-ua-platform': '"macOS"',
'sec-fetch-dest': 'empty',
'sec-fetch-mode': 'cors',
'sec-fetch-site': 'same-site',
'x-forwarded-for': '172.30.0.1',
'x-forwarded-host': 'a4tlocalapi.docker.localhost',
'x-forwarded-method': 'GET',
'x-forwarded-port': '80',
'x-forwarded-proto': 'http',
'x-forwarded-server': '9c3a23d44a18',
'x-forwarded-uri': '/api/calendars',
'x-real-ip': '172.30.0.1'
}
rp_st
02/11/2023, 3:36 PMrp_st
02/11/2023, 3:36 PM.mjmon
02/11/2023, 3:57 PMrp_st
02/11/2023, 3:57 PMrp_st
02/11/2023, 3:57 PM.mjmon
02/11/2023, 4:14 PMconst express = require('express');
const supertokens = require('supertokens-node');
const SessionNode = require('supertokens-node/recipe/session');
ā¦
app.get('/verify', async (req, res) => {
console.log(āverify headersā, req.headers);
const session = await SessionNode.getSession(req, res);
res.status(200).send('OK');
}
Keeping it simple, so just trying to get the session at the moment.
The exception is thrown at the getSession.
Other routes like the one below are working fine:
app.get('/auth/user-profile', verifySession(), async (req, res) => {
const session = req.session;
const userId = session.getUserId();
let userInfo = await EmailPasswordNode.getUserById(userId);
if (userInfo === undefined) {
res.status(401).send('Unauthorized');
return;
}
const { metadata } = await UserMetadata.getUserMetadata(userId);
const profileData = {
firstName: metadata.firstName,
lastName: metadata.lastName,
email: userInfo.email,
};
res.json({ profile: profileData });
return;
});
Iāve purposely not used the verifySession() in the /verify route so I could do debugging, eg show the headers. The aim will be to introduce that back in once this is figured out.rp_st
02/11/2023, 4:15 PMrp_st
02/11/2023, 4:15 PMrp_st
02/11/2023, 4:16 PMrp_st
02/11/2023, 4:16 PMrp_st
02/11/2023, 4:17 PM.mjmon
02/11/2023, 4:17 PM.mjmon
02/11/2023, 4:18 PMrp_st
02/11/2023, 4:18 PM.mjmon
02/11/2023, 4:19 PMmjmonupwego
02/11/2023, 6:21 PMmjmonupwego
02/11/2023, 6:21 PMrp_st
02/11/2023, 6:23 PMrp_st
02/11/2023, 6:47 PMrp_st
02/11/2023, 6:47 PMmjmonupwego
02/11/2023, 6:49 PMrp_st
02/11/2023, 6:49 PMrp_st
02/11/2023, 6:50 PMrp_st
02/11/2023, 6:50 PM.mjmon
02/11/2023, 6:58 PMrp_st
02/11/2023, 6:58 PMrp_st
02/11/2023, 6:58 PM.mjmon
02/11/2023, 7:00 PMmjmonupwego
02/12/2023, 12:07 AMverify headers {
host: 'docker.for.mac.localhost:4000',
'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36',
accept: '*/*',
'accept-encoding': 'gzip, deflate, br',
'accept-language': 'en-US,en;q=0.9',
'access-control-request-headers': 'content-type,rid,st-auth-mode',
'access-control-request-method': 'GET',
'cache-control': 'max-age=0',
origin: 'http://a4tlocalapp.docker.localhost',
'sec-fetch-dest': 'empty',
'sec-fetch-mode': 'cors',
'sec-fetch-site': 'same-site',
'x-forwarded-for': '172.30.0.1',
'x-forwarded-host': 'a4tlocalapi.docker.localhost',
'x-forwarded-method': 'OPTIONS',
'x-forwarded-port': '80',
'x-forwarded-proto': 'http',
'x-forwarded-server': '9c3a23d44a18',
'x-forwarded-uri': '/api/calendars',
'x-real-ip': '172.30.0.1'
}
The OPTIONS doesn't have the cookie and therefore failed to get a session (obviously). So, I can now take the appropriate action and only get the session for the actual GET request.
I've added a lot of debug and might have accidentally changed other logic, so I'm going to spend a bit of time tomorrow reverting the changes to ensure this is definitely a version upgrade fix.rp_st
02/12/2023, 4:08 AM