https://supertokens.com/ logo
Title
k

Kevin__

03/04/2023, 11:08 AM
Nothing is happening when I revoke in the frontend ?
r

rp

03/04/2023, 12:59 PM
Hey @Kevin__
Can I see the sign out api call request headers and response?
k

Kevin__

03/04/2023, 3:28 PM
See the thing is the session still exists , even after I log out? Should that happen?
sessionContext.doesSessionExist this returns true even when I sign out
r

rp

03/04/2023, 3:51 PM
What r the request headers for the sign out api?
Right. So the brower isn’t adding the cookies to the request
When you sign in, what’s the response headers?
k

Kevin__

03/04/2023, 3:55 PM
let me see
r

rp

03/04/2023, 3:57 PM
Can you hover on the orange triangle on the set-cookie header? What does it say?
k

Kevin__

03/04/2023, 3:58 PM
yes sure just a sec
Same Site = Lax , something like that issue
It says it was blocked because the attribute SameSite = Lax was blocking it
r

rp

03/04/2023, 4:03 PM
What’s the website url?
And what’s the value of apiDomain and websiteDomain that you have set?
k

Kevin__

03/04/2023, 4:06 PM
127.0.0.5173
localhost:8000
r

rp

03/04/2023, 4:08 PM
Right. Have you correctly set the websiteDomain value on the backend?
k

Kevin__

03/04/2023, 4:09 PM
I think yes.
r

rp

03/04/2023, 4:09 PM
Hmm. This should result in cookie sameSite as none
Can you restart your backend and login again? Do you set the orange warning trainable again?
Triangle *
k

Kevin__

03/04/2023, 4:10 PM
ok sure
Sorry for keeping you on wait , Same issue
I can add my code to any github repo and send them to you , how does that sound?
r

rp

03/04/2023, 4:20 PM
In session.init, set the cookieSameSite setting to “none”
On the backend
k

Kevin__

03/04/2023, 4:20 PM
oh let me do that
is it like this?
r

rp

03/04/2023, 4:23 PM
Yes. On the backend code
Try logging in now
k

Kevin__

03/04/2023, 4:27 PM
This is the sign in headers
This is the signout
But still the session is logged In
r

rp

03/04/2023, 4:28 PM
Are you showing me the options request or post?
k

Kevin__

03/04/2023, 4:29 PM
I did not understand the question , I am sorry
r

rp

03/04/2023, 4:30 PM
The screenshot you sent me above. What method is it?
k

Kevin__

03/04/2023, 4:30 PM
post
using SDK
r

rp

03/04/2023, 4:30 PM
So no cookies are being sent at all now?
k

Kevin__

03/04/2023, 4:30 PM
nope
r

rp

03/04/2023, 4:30 PM
That’s weird.
k

Kevin__

03/04/2023, 4:30 PM
I am just following the guide of react
r

rp

03/04/2023, 4:30 PM
Can you remove the cookieSameSite setting and try again?
k

Kevin__

03/04/2023, 4:31 PM
But I am unable to sign out? OR when I call the sign out function
The doesSessionExist function always returns true
How do I confirm whether the person has logged out.
r

rp

03/04/2023, 4:33 PM
Can u remove the setting and try again?
Do the cookies get sent?
And if you add the setting back, do the cookies not get sent?
k

Kevin__

03/04/2023, 4:34 PM
I did it , the cookie always come whether i add the setting or not
r

rp

03/04/2023, 4:35 PM
In the response headers?
Sign in api response header I mean
k

Kevin__

03/04/2023, 4:36 PM
Let me see
r

rp

03/04/2023, 4:37 PM
The cookieSameSite none setting should make things work
I’m not sure why the previous screenshots u sent didn’t have set-cookies in the response
Unless you are showing me the OPTIONS request. Then it won’t have set-cookie. But POST should have
k

Kevin__

03/04/2023, 4:39 PM
oh okay , this is when I do not have the setting
this is when i put the sameSite as none
it still throws the error in setCookie
r

rp

03/04/2023, 4:42 PM
Right. So with sameSite none, if y hover on the triangle, what does it say?
Oh right. It won’t allow u cause u r using http not https
k

Kevin__

03/04/2023, 4:42 PM
it says that , it was blocked because it did not have "secure" attribute
r

rp

03/04/2023, 4:42 PM
Ok. So switch to using header based auth instead of cookie
Search in our docs for token transfer method
And switch to using header based. Things should work the
Then*
k

Kevin__

03/04/2023, 4:43 PM
Oh Okay, Thank you so much.
This was one hell of a customer experience
I have never seen founders so involved with the issues of the user