1.4.X

Verify Session

Use supertokens.Middleware()

// doAntiCsrfCheck is optional
supertokens.Middleware(doAntiCsrfCheck ...bool);
// doAntiCsrfCheck is optional
supertokens.Middleware(doAntiCsrfCheck ...bool);
  • All APIs that require a valid session must use this middleware.
  • If doAntiCsrfCheck is not provided, CSRF protection will be applied to all non-GET and non-OPTIONS APIs automatically.
  • If successful, it will create a session object that can be accessed via supertokens.GetSessionFromRequest function (see code example below).
  • This uses the GetSession function.

Example

import "github.com/supertokens/supertokens-go/supertokens"

http.HandleFunc("/like-comment", supertokens.Middleware(func(w http.ResponseWriter, r *http.Request) {
    
    session := supertokens.GetSessionFromRequest(r)
    userID := session.GetUserID()

    w.Write([]byte(userID))
}))
import "github.com/supertokens/supertokens-go/gin/supertokens"

r.POST("/like-comment", supertokens.Middleware(), func(c *gin.Context) {
    
    session := supertokens.GetSessionFromRequest(c)
    userID := session.GetUserID()

    c.JSON(http.StatusOK, gin.H{ 
        "userID" : userID, 
    })
})
User LoginSession Object