important
This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.
supertokens-auth-reactOptional session verification should re-throw TRY_REFRESH_TOKEN errors
Status
This is just a proposal so far, it hasn't been accepted and needs further discussion.
- Status:
- proposed
- Deciders:
- rishabhpoddar, porcellus
- Proposed by:
- porcellus
- Created:
- 2022-11-22
Context and Problem Statement#
verifySession depends on the value of rid and the method to decide if it should re-throw TRY_REFRESH_TOKEN errors coming from the token validation when the access token expired.
Related issue: https://github.com/supertokens/supertokens-node/issues/156
Considered Options#
- Return undefined
- Optional session verification should re-throw TRY_REFRESH_TOKEN errors
Decision Outcome#
Optional session verification should re-throw TRY_REFRESH_TOKEN errors. Reasons:
- Easier to communicate
- The
ridheader affecting if theTRY_REFRESH_TOKENcould be unexpected by users - The
ridheader would be missing in most cases when testing using Postman. It's confusing if that works different from making the same requests through the SDK.
We can ask users who want to use something like sendBeacon on the frontend which doesn't use our interceptors and want to ignore TRY_REFRESH_TOKEN errors on the backend, to create their own middleware which uses getSession and catches and ignores the TRY_REFRESH_TOKEN error.