Verify Session
Use supertokens.middleware()
supertokens.middleware(enableCsrfProtection?)
- All APIs that require a valid session must use this middleware.
- If
enableCsrfProtectionisundefined, CSRF protection will be applied to all non-GET and non-OPTIONS APIs automatically. - If successful, it will create a session object that can be accessed via
request.session. - This uses the
getSession()function.
Example
const supertokens = require("supertokens-node");
app.post("/like-comment", supertokens.middleware(), function (req, res) {
let userId = req.session.getUserId();
res.send(userId);
});
import * as supertokens from 'supertokens-node';
app.post("/like-comment", supertokens.middleware(), function (req: supertokens.Type.SessionRequest, res) {
let userId = req.session.getUserId();
res.send(userId);
});