Updating roles in a session
This can only be done on the backend by using the updateAccessTokenPayload
function post session verification:
- NodeJS
- GoLang
- Python
- Express
- Hapi
- Fastify
- Koa
- Loopback
- AWS Lambda / Netlify
- Next.js
- NestJS
import express from "express";import { verifySession } from "supertokens-node/recipe/session/framework/express";import { SessionRequest } from "supertokens-node/framework/express";
let app = express();
app.post("/update-role", verifySession(), async (req: SessionRequest, res) => {
let userId = req.session!.getUserId();
let role = "newRole"; // TODO: fetch based on user
// Note that this will override any existing access token payload // that you may have provided earlier. await req.session!.updateAccessTokenPayload( { role } );
//....});
import Hapi from "@hapi/hapi";import { verifySession } from "supertokens-node/recipe/session/framework/hapi";import { SessionRequest } from "supertokens-node/framework/hapi";
let server = Hapi.server({ port: 8000 });
server.route({ path: "/update-role", method: "post", options: { pre: [ { method: verifySession() }, ], }, handler: async (req: SessionRequest, res) => { let userId = req.session!.getUserId();
let role = "newRole"; // TODO: fetch based on user
// Note that this will override any existing access token payload // that you may have provided earlier. await req.session!.updateAccessTokenPayload( { role } );
//.... }})
import Fastify from "fastify";import { verifySession } from "supertokens-node/recipe/session/framework/fastify";import { SessionRequest } from "supertokens-node/framework/fastify";
let fastify = Fastify();
fastify.post("/update-role", { preHandler: verifySession(),}, async (req: SessionRequest, res) => { let userId = req.session!.getUserId();
let role = "newRole"; // TODO: fetch based on user
// Note that this will override any existing access token payload // that you may have provided earlier. await req.session!.updateAccessTokenPayload( { role } );
//....});
import { verifySession } from "supertokens-node/recipe/session/framework/awsLambda";import { SessionEvent } from "supertokens-node/framework/awsLambda";
async function updateRole(awsEvent: SessionEvent) { let userId = awsEvent.session!.getUserId();
let role = "newRole"; // TODO: fetch based on user
// Note that this will override any existing access token payload // that you may have provided earlier. await awsEvent.session!.updateAccessTokenPayload( { role } );
//....};
exports.handler = verifySession(updateRole);
import KoaRouter from "koa-router";import { verifySession } from "supertokens-node/recipe/session/framework/koa";import { SessionContext } from "supertokens-node/framework/koa";
let router = new KoaRouter();
router.post("/update-role", verifySession(), async (ctx: SessionContext, next) => { let userId = ctx.session!.getUserId();
let role = "newRole"; // TODO: fetch based on user
// Note that this will override any existing access token payload // that you may have provided earlier. await ctx.session!.updateAccessTokenPayload( { role } );
//....});
import { inject, intercept } from "@loopback/core";import { RestBindings, MiddlewareContext, post, response } from "@loopback/rest";import { verifySession } from "supertokens-node/recipe/session/framework/loopback";import Session from "supertokens-node/recipe/session";
class UpdateRole { constructor(@inject(RestBindings.Http.CONTEXT) private ctx: MiddlewareContext) { } @post("/update-role") @intercept(verifySession()) @response(200) async handler() { let userId = ((this.ctx as any).session as Session.SessionContainer).getUserId();
let role = "newRole"; // TODO: fetch based on user
// Note that this will override any existing access token payload // that you may have provided earlier. await ((this.ctx as any).session as Session.SessionContainer).updateAccessTokenPayload( { role } );
//.... }}
import { superTokensNextWrapper } from 'supertokens-node/nextjs'import { verifySession } from "supertokens-node/recipe/session/framework/express";import { SessionRequest } from "supertokens-node/framework/express";
export default async function updateRole(req: SessionRequest, res: any) { await superTokensNextWrapper( async (next) => { await verifySession()(req, res, next); }, req, res )
let userId = req.session!.getUserId();
let role = "newRole"; // TODO: fetch based on user
// Note that this will override any existing access token payload // that you may have provided earlier. await req.session!.updateAccessTokenPayload( { role } );
//....}
import { Controller, Post, UseGuards, Session } from "@nestjs/common";import { SessionContainer } from "supertokens-node/recipe/session";import { AuthGuard } from './auth/auth.guard';
@Controller()export class ExampleController { @Post('example') @UseGuards(AuthGuard) async postExample(@Session() session: SessionContainer): Promise<boolean> { // For more information about "AuthGuard" and the "Session" decorator please read our NestJS guide. let userId = session.getUserId(); let role = "admin"; // TODO: fetch based on user
// Note that this will override any existing access token payload // that you may have provided earlier. await session.updateAccessTokenPayload( {role} );
//.... return true; }}
import ( "net/http"
"github.com/supertokens/supertokens-golang/recipe/session" "github.com/supertokens/supertokens-golang/supertokens")
// Make sure that you wrap this API with the session.VerifySession() functionfunc setRoleAPI(w http.ResponseWriter, r *http.Request) { sessionContainer := session.GetSessionFromRequestContext(r.Context())
currAccessTokenPayload := sessionContainer.GetAccessTokenPayload()
currAccessTokenPayload["role"] = "newRole" // TODO: fetch based on user
// Note that this will override any existing access token payload // that you may have provided earlier. err := sessionContainer.UpdateAccessTokenPayload(currAccessTokenPayload) if err != nil { err = supertokens.ErrorHandler(err, r, w) if err != nil { // TODO: return 500 status code to the client } return }}
- FastAPI
- Flask
- Django
from supertokens_python.recipe.session.framework.fastapi import verify_sessionfrom supertokens_python.recipe.session import SessionContainerfrom fastapi import Dependsfrom fastapi.responses import PlainTextResponse
@app.post('/update-access-token-payload') async def update_access_token_payload(session: SessionContainer = Depends(verify_session())): # retrieve the session object as shown below current_access_token_payload = session.get_access_token_payload()
current_access_token_payload['role'] = 'newRole'
await session.update_access_token_payload(current_access_token_payload)
return PlainTextResponse(content='success')
from supertokens_python.recipe.session.framework.flask import verify_sessionfrom supertokens_python.recipe.session import SessionContainerfrom flask import g
@app.route('/update-access-token-payload', methods=['POST']) @verify_session()def update_access_token_payload(): session: SessionContainer = g.supertokens
# retrieve the session object as shown below current_access_token_payload = session.get_access_token_payload()
current_access_token_payload['role'] = 'newRole'
session.sync_update_access_token_payload(current_access_token_payload)
return 'success'
from supertokens_python.recipe.session.framework.django.asyncio import verify_sessionfrom django.http import HttpRequestfrom supertokens_python.recipe.session import SessionContainer
@verify_session()async def update_access_token_payload(request: HttpRequest): session: SessionContainer = request.supertokens # retrieve the session object as shown below current_access_token_payload = session.get_access_token_payload()
current_access_token_payload['role'] = 'newRole'
await session.update_access_token_payload(current_access_token_payload)