2.1.X

Minimum setup (2 mins)

1) Create a refresh API

  • This API will be used to get new access and refresh tokens (done automatically from our frontend SDK).
let supertokens = require("supertokens-node");

let app = express();
app.post("/refresh", supertokens.middleware(), (req, res) => {
    res.send("");
});
import * as supertokens from "supertokens-node";

let app = express();

app.post("/refresh", supertokens.middleware(), (req, res) => {
    res.send("");
});

2) Add an error handler

  • Add this at the end of all your routes, but before your error middleware.
  • By default, SuperTokens takes care of handling session errors for you. However, you can define your own logic as well.
let supertokens = require("supertokens-node");

let app = express();

// add all your routes here...

// add SuperTokens error middleware
app.use(supertokens.errorHandler());

// add your error middleware
app.use((err, req, res, next) => {
    res.send(500).send(err);
})
import * as supertokens from "supertokens-node";

let app = express();

// add all your routes here...

// add SuperTokens error middleware
app.use(supertokens.errorHandler());

// add your error middleware
app.use((err, req, res, next) => {
    res.send(500).send(err);
})

3) Change SuperTokens config.yaml

  • Set appropriate values for cookie_domain and refresh_api_path in the SuperTokens config.yaml file.
  • You can also specify these values via the supertokens.init function mentioned below.

4) Specify the location of SuperTokens Service and other configs

  • Call this somewhere close to where you initialise the app.
  • You can provide multiple addresses in case you are running more than one SuperTokens service (as shown below).
  • The default location of SuperTokens is localhost:3567. If using the trial instance, use https://try.supertokens.com
let supertokens = require("supertokens-node");

let app = express();

supertokens.init({
    hosts: "http://localhost:3567;https://try.supertokens.com"
});
import * as supertokens from "supertokens-node";

let app = express();

supertokens.init({
    hosts: "http://localhost:3567;https://try.supertokens.com"
});
  • All config values (these will override the ones specified in the config.yaml file):
    • hosts: string - ; separated string for all the locations of SuperTokens instances.
    • accessTokenPath: string - See access_token_path in the config.yaml file
    • refreshAPIPath: string - See refresh_api_path in the config.yaml file
    • cookieDomain: string - See cookie_domain in the config.yaml file
    • cookieSecure: *bool - See cookie_secure in the config.yaml file
    • cookieSameSite: string - See cookie_same_site in the config.yaml file
InstallationNext