Session Verification using getSession
caution
Please use the verifySession middleware whenever possible as it is simpler to use.
Requiring an active session#
- NodeJS
- GoLang
- Python
- Express
- Hapi
- Fastify
- Koa
- Loopback
- AWS Lambda / Netlify
- Next.js
- NestJS
let Session = require("supertokens-node/recipe/session");
app.post("/like-comment", (req, res) => { let session = await Session.getSession(req, res); if (session === undefined) { throw Error("Should never come here") } let userId = session.getUserId(); //....});let Session = require("supertokens-node/recipe/session");
server.route({ path: "/like-comment", method: "post", handler: async (req, res) => { let session = await Session.getSession(req, res);
if (session === undefined) { throw Error("Should never come here") } let userId = session.getUserId(); //... }})let Session = require("supertokens-node/recipe/session");
fastify.post("/like-comment", (req, res) => { let session = await Session.getSession(req, res);
if (session === undefined) { throw Error("Should never come here") } let userId = session.getUserId(); //....});let Session = require("supertokens-node/recipe/session");let { middleware } = require("supertokens-node/framework/awsLambda");
async function likeComment(awsEvent, _) => { let session = await Session.getSession(awsEvent, awsEvent);
if (session === undefined) { throw Error("Should never come here") } let userId = session.getUserId(); //....});
exports.handler = middleware(likeComment);
let Session = require("supertokens-node/recipe/session");
router.post("/like-comment", (ctx, next) => { let session = await Session.getSession(ctx, ctx);
if (session === undefined) { throw Error("Should never come here") } let userId = session.getUserId(); //....});import Session from "supertokens-node/recipe/session";
class LikeComment { constructor(@inject(RestBindings.Http.CONTEXT) private ctx: MiddlewareContext) {} @post("/like-comment") @response(200) handler() { let session = await Session.getSession(this.ctx, this.ctx);
if (session === undefined) { throw Error("Should never come here") } let userId = session.getUserId(); //.... }}import { superTokensNextWrapper } from 'supertokens-node/nextjs'import Session from "supertokens-node/recipe/session";
export default async function likeComment(req, res) { let session = await superTokensNextWrapper( async (next) => { return await Session.getSession(req, res); }, req, res )
if (session === undefined) { throw Error("Should never come here") } let userId = session.getUserId(); //....}import Session from "supertokens-node/recipe/session";
@Controller()export class ExampleController { @Post('example') @UseGuards(AuthGuard) async postExample(@Request() req, @Response({passthrough: true}) res): Promise<boolean> { // This should be done inside a parameter decorator, for more information please read our NestJS guide. const session = await Session.getSession(req, res);
if (session === undefined) { throw Error("Should never come here") } const userId = session.getUserId(); //.... }}func likeCommentAPI(w http.ResponseWriter, r *http.Request) { sessionContainer, err := session.GetSession(r, w, nil)
if err != nil { err = supertokens.ErrorHandler(err, r, w) if err != nil { // TODO: send 500 to client } return }
userID := sessionContainer.GetUserID()
// TODO: API logic...}- FastAPI
- Flask
- Django
from supertokens_python.recipe.session.asyncio import get_session
@app.post('/like-comment')async def like_comment(request: Request): session = await get_session(request)
user_id = session.get_user_id()
# TODO
from supertokens_python.recipe.session.syncio import get_session
@app.route('/like-comment', methods=['POST'])def like_comment(): session = get_session(request)
user_id = session.get_user_id()
# TODO
from supertokens_python.recipe.session.asyncio import get_session
async def like_comment(request): session = await get_session(request)
user_id = session.get_user_id()
# TODOOptional session verification#
Sometimes, you want an API to be accessible even if there is no session. In that case, you can use the sessionRequired flag:
- NodeJS
- GoLang
- Python
- Express
- Hapi
- Fastify
- Koa
- Loopback
- AWS Lambda / Netlify
- Next.js
- NestJS
let Session = require("supertokens-node/recipe/session");
app.post("/like-comment", (req, res) => { let session = await Session.getSession(req, res, {sessionRequired: false}) if (session !== undefined) { let userId = session.getUserId(); } else { // user is not logged in... } //....});let Session = require("supertokens-node/recipe/session");
server.route({ path: "/like-comment", method: "post",
handler: async (req, res) => { let session = await Session.getSession(req, res, {sessionRequired: false}) if (session !== undefined) { let userId = session.getUserId(); } else { // user is not logged in... } //... }})let Session = require("supertokens-node/recipe/session");
fastify.post("/like-comment", (req, res) => { let session = await Session.getSession(req, res, {sessionRequired: false}) if (session !== undefined) { let userId = session.getUserId(); } else { // user is not logged in... } //....});let Session = require("supertokens-node/recipe/session");let { middleware } = require("supertokens-node/framework/awsLambda");
async function likeComment(awsEvent, _) => { let session = await Session.getSession(awsEvent, awsEvent, {sessionRequired: false}) if (session !== undefined) { let userId = session.getUserId(); } else { // user is not logged in... }
//....});
exports.handler = middleware(likeComment);
let Session = require("supertokens-node/recipe/session");
router.post("/like-comment", (ctx, next) => { let session = await Session.getSession(ctx, ctx, {sessionRequired: false}) if (session !== undefined) { let userId = session.getUserId(); } else { // user is not logged in... }
//....});import Session from "supertokens-node/recipe/session";
class LikeComment {
constructor(@inject(RestBindings.Http.CONTEXT) private ctx: MiddlewareContext) {} @post("/like-comment") @response(200) handler() { let session = await Session.getSession(this.ctx, this.ctx, {sessionRequired: false}) if (session !== undefined) { let userId = session.getUserId(); } else { // user is not logged in... } //.... }}import { superTokensNextWrapper } from 'supertokens-node/nextjs'import Session from "supertokens-node/recipe/session";
export default async function likeComment(req, res) { let session = await superTokensNextWrapper( async (next) => { return await Session.getSession(req, res, {sessionRequired: false}); }, req, res ) if (session !== undefined) { let userId = session.getUserId(); } else { // user is not logged in... } //....}@Controller()export class ExampleController { @Post('example') @UseGuards(AuthGuard) async postExample(@Request() req, @Response({passthrough: true}) res): Promise<boolean> { // This should be done inside a parameter decorator, for more information please read our NestJS guide. const session = await Session.getSession(req, res, {sessionRequired: false}) if (session !== undefined) { const userId = session.getUserId(); } else { // user is not logged in... } //.... }}func likeCommentAPI(w http.ResponseWriter, r *http.Request) { sessionRequired := false sessionContainer, err := session.GetSession(r, w, &sessmodels.VerifySessionOptions{ SessionRequired: &sessionRequired, })
if err != nil { err = supertokens.ErrorHandler(err, r, w) if err != nil { // TODO: send 500 to client } return }
userID := sessionContainer.GetUserID()
// TODO: API logic...}- FastAPI
- Flask
- Django
from supertokens_python.recipe.session.asyncio import get_session
@app.post('/like-comment')async def like_comment(request: Request): session = await get_session(request, session_required=False)
if session is not None: user_id = session.get_user_id() else: # user is not logged in
from supertokens_python.recipe.session.syncio import get_session
@app.route('/like-comment', methods=['POST'])def like_comment(): session = get_session(request, session_required=False)
if session is not None: user_id = session.get_user_id() else: # user is not logged in
from supertokens_python.recipe.session.asyncio import get_session
async def like_comment(request): session = await get_session(request, session_required=False)
if session is not None: user_id = session.get_user_id() else: # user is not logged in