This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.
This is just a proposal so far, it hasn't been accepted and needs further discussion.
We want devs to be able to be able to specifically allow/disallow a token transfer method in
refreshSession. E.g.: A web only application wants to only ever want to use cookie based sessions (and httpOnly cookies), so they want to disable header based sessions.
- Add a new
- Single function override if someone wants to only allow/use a single token transfer method