hi, thanks for a nice tool!
i have some question
I want to validate the session in React and redirect to the sign-in page if the token has expired.
which API shoud I use?
i tried following, but they don't work
<SessionAuth
onSessionExpired={() => {
redirectToAuth();
}}
>
r
rp
03/02/2023, 4:36 AM
Hey @kazumo
Just using SessionAuth should work
Token expiry will cause a session refresh
SessionAuth redirects if there is no session
k
kazumo
03/02/2023, 11:30 AM
@rp
thanks for the answer
the only time SessionAuth works is when the cookie token value is 'remove', right?
i want to redirect to redirect to the sign-in page when the cookie token value is alive and the refreshtoken has expired
what is best approach?
r
rp
03/02/2023, 11:30 AM
> when the cookie token value is alive and the refreshtoken has expired
In this case, the next time a refresh is attempted, it should logout the user and set the cookie token to "remove"
and then you would be sent to the login page
k
kazumo
03/03/2023, 12:20 AM
@rp
i think the verifySession and getSession functions always update the token, is that correct?
is there any way to just verify that the token is valid and not refresh the token?
r
rp
03/03/2023, 4:04 AM
VerifySession and getSession don’t always update the token. Token update only happens if you change the access token payload in the api.
How are you using the verifySession / getSession function?
k
kazumo
03/03/2023, 6:53 AM
@rp
this is my code
I referred to the following
https://supertokens.com/docs/thirdparty/nextjs/session-verification/in-api
export default async function userFunk(req: any, res: any) {
await NextCors(req, res, {
methods: ['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE'],
origin: process.env.NEXT_PUBLIC_DOMAIN_ROOT,
credentials: true,
allowedHeaders: ['content-type', ...supertokens.getAllCORSHeaders()],
});
let err = null;
await superTokensNextWrapper(
async (next) => {
err = await verifySession()(req, res, next);
return err;
},
req,
res,
);
console.log('err', err);
if (err) {
return res.json({
status: 'failed',
});
}
return res.json({
status: 'success',
});
}
r
rp
03/03/2023, 10:27 AM
and what are the request / response headers for the API call? Can you make the API call 3 times and show me the request and response header for each API call?