Skip to main content

Session Verification using getSession

caution

Please use the verifySession middleware whenever possible as it is simpler to use.

Requiring an active session#

import express from "express";import Session from "supertokens-node/recipe/session";
let app = express();
app.post("/like-comment", async (req, res) => {
    let session = await Session.getSession(req, res);
    if (session === undefined) {        throw Error("Should never come here")    }
    let userId = session.getUserId();    //....});

Optional session verification#

Sometimes, you want an API to be accessible even if there is no session. In that case, you can use the sessionRequired flag:

import express from "express";import Session from "supertokens-node/recipe/session";
let app = express();
app.post("/like-comment", async (req, res) => {
    let session = await Session.getSession(req, res, { sessionRequired: false })
    if (session !== undefined) {        let userId = session.getUserId();    } else {        // user is not logged in...    }    //....});
What type of UI do you want to use?
Custom UI
Pre built UI