Pre built UIBackend Integration
Supported frameworks#
1) Install#
- NodeJS
- GoLang
- Python
- Other Frameworks
Important
For other backend frameworks, you can follow our guide on how to spin up a separate server configured with the SuperTokens backend SDK to authenticate requests and issue session tokens.
npm i -s supertokens-node
go get github.com/supertokens/supertokens-golang
pip install supertokens-python
2) Initialise SuperTokens#
- Single app setup
- Multi app setup
Add the code below to your server's init file.
- NodeJS
- GoLang
- Python
- Other Frameworks
Important
For other backend frameworks, you can follow our guide on how to spin up a separate server configured with the SuperTokens backend SDK to authenticate requests and issue session tokens.
- Express
- Hapi
- Fastify
- Koa
- Loopback
- Serverless
- Next.js
- Nest.js
info
Please refer the AWS lambda, Vercel or Netlify sections (In the Integrations section on the left nav bar)
info
Please refer the NextJS section (In the Integrations section on the left nav bar)
info
Please refer the NestJS section (In the Integrations section on the left nav bar)
import supertokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";
import ThirdPartyEmailPassword from"supertokens-node/recipe/thirdpartyemailpassword";
supertokens.init({
framework: "express",
supertokens: {
connectionURI: "",
apiKey: "",
},
appInfo: {
// learn more about this on https://supertokens.com/docs/thirdpartyemailpassword/appinfo
appName: "<YOUR_APP_NAME>",
apiDomain: "<YOUR_API_DOMAIN>",
websiteDomain: "<YOUR_WEBSITE_DOMAIN>",
apiBasePath: "/auth",
websiteBasePath: "/auth"
},
recipeList: [
ThirdPartyEmailPassword.init({/*TODO: See next step*/}),
Session.init() // initializes session features
]
});
import supertokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";
import ThirdPartyEmailPassword from"supertokens-node/recipe/thirdpartyemailpassword";
supertokens.init({
framework: "hapi",
supertokens: {
connectionURI: "",
apiKey: "",
},
appInfo: {
// learn more about this on https://supertokens.com/docs/session/appinfo
appName: "<YOUR_APP_NAME>",
apiDomain: "<YOUR_API_DOMAIN>",
websiteDomain: "<YOUR_WEBSITE_DOMAIN>",
apiBasePath: "/auth",
websiteBasePath: "/auth"
},
recipeList: [
ThirdPartyEmailPassword.init({/*TODO: See next step*/}),
Session.init() // initializes session features
]
});
import supertokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";
import ThirdPartyEmailPassword from"supertokens-node/recipe/thirdpartyemailpassword";
supertokens.init({
framework: "fastify",
supertokens: {
connectionURI: "",
apiKey: "",
},
appInfo: {
// learn more about this on https://supertokens.com/docs/session/appinfo
appName: "<YOUR_APP_NAME>",
apiDomain: "<YOUR_API_DOMAIN>",
websiteDomain: "<YOUR_WEBSITE_DOMAIN>",
apiBasePath: "/auth",
websiteBasePath: "/auth"
},
recipeList: [
ThirdPartyEmailPassword.init({/*TODO: See next step*/}),
Session.init() // initializes session features
]
});
import supertokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";
import ThirdPartyEmailPassword from"supertokens-node/recipe/thirdpartyemailpassword";
supertokens.init({
framework: "koa",
supertokens: {
connectionURI: "",
apiKey: "",
},
appInfo: {
// learn more about this on https://supertokens.com/docs/session/appinfo
appName: "<YOUR_APP_NAME>",
apiDomain: "<YOUR_API_DOMAIN>",
websiteDomain: "<YOUR_WEBSITE_DOMAIN>",
apiBasePath: "/auth",
websiteBasePath: "/auth"
},
recipeList: [
ThirdPartyEmailPassword.init({/*TODO: See next step*/}),
Session.init() // initializes session features
]
});
import supertokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";
import ThirdPartyEmailPassword from"supertokens-node/recipe/thirdpartyemailpassword";
supertokens.init({
framework: "loopback",
supertokens: {
connectionURI: "",
apiKey: "",
},
appInfo: {
// learn more about this on https://supertokens.com/docs/session/appinfo
appName: "<YOUR_APP_NAME>",
apiDomain: "<YOUR_API_DOMAIN>",
websiteDomain: "<YOUR_WEBSITE_DOMAIN>",
apiBasePath: "/auth",
websiteBasePath: "/auth"
},
recipeList: [
ThirdPartyEmailPassword.init({/*TODO: See next step*/}),
Session.init() // initializes session features
]
});
import (
"github.com/supertokens/supertokens-golang/recipe/session"
"github.com/supertokens/supertokens-golang/recipe/thirdpartyemailpassword"
"github.com/supertokens/supertokens-golang/recipe/thirdpartyemailpassword/tpepmodels"
"github.com/supertokens/supertokens-golang/supertokens"
)
func main() {
apiBasePath := "/auth"
websiteBasePath := "/auth"
err := supertokens.Init(supertokens.TypeInput{
Supertokens: &supertokens.ConnectionInfo{
ConnectionURI: "",
APIKey: "",
},
AppInfo: supertokens.AppInfo{
AppName: "<YOUR_APP_NAME>",
APIDomain: "<YOUR_API_DOMAIN>",
WebsiteDomain: "<YOUR_WEBSITE_DOMAIN>",
APIBasePath: &apiBasePath,
WebsiteBasePath: &websiteBasePath,
},
RecipeList: []supertokens.Recipe{
thirdpartyemailpassword.Init(&tpepmodels.TypeInput{/*TODO: See next step*/}),
session.Init(nil), // initializes session features
},
})
if err != nil {
panic(err.Error())
}
}
- FastAPI
- Flask
- Django
from supertokens_python import init, InputAppInfo, SupertokensConfig
from supertokens_python.recipe import thirdpartyemailpassword, session
init(
app_info=InputAppInfo(
app_name="<YOUR_APP_NAME>",
api_domain="<YOUR_API_DOMAIN>",
website_domain="<YOUR_WEBSITE_DOMAIN>",
api_base_path="/auth",
website_base_path="/auth"
),
supertokens_config=SupertokensConfig(
connection_uri="",
api_key=""
),
framework='fastapi',
recipe_list=[
session.init(), # initializes session features
thirdpartyemailpassword.init(
# TODO: See next step
)
],
mode='asgi' # use wsgi if you are running using gunicorn
)
from supertokens_python import init, InputAppInfo, SupertokensConfig
from supertokens_python.recipe import thirdpartyemailpassword, session
init(
app_info=InputAppInfo(
app_name="<YOUR_APP_NAME>",
api_domain="<YOUR_API_DOMAIN>",
website_domain="<YOUR_WEBSITE_DOMAIN>",
api_base_path="/auth",
website_base_path="/auth"
),
supertokens_config=SupertokensConfig(
connection_uri="",
api_key=""
),
framework='flask',
recipe_list=[
session.init(), # initializes session features
thirdpartyemailpassword.init(
# TODO: See next step
)
]
)
from supertokens_python import init, InputAppInfo, SupertokensConfig
from supertokens_python.recipe import thirdpartyemailpassword, session
init(
app_info=InputAppInfo(
app_name="<YOUR_APP_NAME>",
api_domain="<YOUR_API_DOMAIN>",
website_domain="<YOUR_WEBSITE_DOMAIN>",
api_base_path="/auth",
website_base_path="/auth"
),
supertokens_config=SupertokensConfig(
connection_uri="",
api_key=""
),
framework='django',
recipe_list=[
session.init(), # initializes session features
thirdpartyemailpassword.init(
# TODO: See next step
)
],
mode='asgi' # use wsgi if you are running django server in sync mode
)
Add the code below to your server's init file.
- NodeJS
- GoLang
- Python
- Other Frameworks
Important
For other backend frameworks, you can follow our guide on how to spin up a separate server configured with the SuperTokens backend SDK to authenticate requests and issue session tokens.
- Express
- Hapi
- Fastify
- Koa
- Loopback
- Serverless
- Next.js
- Nest.js
info
Please refer the AWS lambda, Vercel or Netlify sections (In the Integrations section on the left nav bar)
info
Please refer the NextJS section (In the Integrations section on the left nav bar)
info
Please refer the NestJS section (In the Integrations section on the left nav bar)
import supertokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";
import ThirdPartyEmailPassword from"supertokens-node/recipe/thirdpartyemailpassword";
supertokens.init({
framework: "express",
supertokens: {
connectionURI: "",
apiKey: "",
},
appInfo: {
// learn more about this on https://supertokens.com/docs/thirdpartyemailpassword/appinfo
appName: "<YOUR_APP_NAME>",
apiDomain: "<YOUR_API_DOMAIN>",
websiteDomain: "<YOUR_WEBSITE_DOMAIN>",
apiBasePath: "/auth",
websiteBasePath: "/auth"
},
recipeList: [
ThirdPartyEmailPassword.init({/*TODO: See next step*/}),
Session.init() // initializes session features
]
});
import supertokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";
import ThirdPartyEmailPassword from"supertokens-node/recipe/thirdpartyemailpassword";
supertokens.init({
framework: "hapi",
supertokens: {
connectionURI: "",
apiKey: "",
},
appInfo: {
// learn more about this on https://supertokens.com/docs/session/appinfo
appName: "<YOUR_APP_NAME>",
apiDomain: "<YOUR_API_DOMAIN>",
websiteDomain: "<YOUR_WEBSITE_DOMAIN>",
apiBasePath: "/auth",
websiteBasePath: "/auth"
},
recipeList: [
ThirdPartyEmailPassword.init({/*TODO: See next step*/}),
Session.init() // initializes session features
]
});
import supertokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";
import ThirdPartyEmailPassword from"supertokens-node/recipe/thirdpartyemailpassword";
supertokens.init({
framework: "fastify",
supertokens: {
connectionURI: "",
apiKey: "",
},
appInfo: {
// learn more about this on https://supertokens.com/docs/session/appinfo
appName: "<YOUR_APP_NAME>",
apiDomain: "<YOUR_API_DOMAIN>",
websiteDomain: "<YOUR_WEBSITE_DOMAIN>",
apiBasePath: "/auth",
websiteBasePath: "/auth"
},
recipeList: [
ThirdPartyEmailPassword.init({/*TODO: See next step*/}),
Session.init() // initializes session features
]
});
import supertokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";
import ThirdPartyEmailPassword from"supertokens-node/recipe/thirdpartyemailpassword";
supertokens.init({
framework: "koa",
supertokens: {
connectionURI: "",
apiKey: "",
},
appInfo: {
// learn more about this on https://supertokens.com/docs/session/appinfo
appName: "<YOUR_APP_NAME>",
apiDomain: "<YOUR_API_DOMAIN>",
websiteDomain: "<YOUR_WEBSITE_DOMAIN>",
apiBasePath: "/auth",
websiteBasePath: "/auth"
},
recipeList: [
ThirdPartyEmailPassword.init({/*TODO: See next step*/}),
Session.init() // initializes session features
]
});
import supertokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";
import ThirdPartyEmailPassword from"supertokens-node/recipe/thirdpartyemailpassword";
supertokens.init({
framework: "loopback",
supertokens: {
connectionURI: "",
apiKey: "",
},
appInfo: {
// learn more about this on https://supertokens.com/docs/session/appinfo
appName: "<YOUR_APP_NAME>",
apiDomain: "<YOUR_API_DOMAIN>",
websiteDomain: "<YOUR_WEBSITE_DOMAIN>",
apiBasePath: "/auth",
websiteBasePath: "/auth"
},
recipeList: [
ThirdPartyEmailPassword.init({/*TODO: See next step*/}),
Session.init() // initializes session features
]
});
import (
"github.com/supertokens/supertokens-golang/recipe/session"
"github.com/supertokens/supertokens-golang/recipe/thirdpartyemailpassword"
"github.com/supertokens/supertokens-golang/recipe/thirdpartyemailpassword/tpepmodels"
"github.com/supertokens/supertokens-golang/supertokens"
)
func main() {
apiBasePath := "/auth"
websiteBasePath := "/auth"
err := supertokens.Init(supertokens.TypeInput{
Supertokens: &supertokens.ConnectionInfo{
ConnectionURI: "",
APIKey: "",
},
AppInfo: supertokens.AppInfo{
AppName: "<YOUR_APP_NAME>",
APIDomain: "<YOUR_API_DOMAIN>",
WebsiteDomain: "<YOUR_WEBSITE_DOMAIN>",
APIBasePath: &apiBasePath,
WebsiteBasePath: &websiteBasePath,
},
RecipeList: []supertokens.Recipe{
thirdpartyemailpassword.Init(&tpepmodels.TypeInput{/*TODO: See next step*/}),
session.Init(nil), // initializes session features
},
})
if err != nil {
panic(err.Error())
}
}
- FastAPI
- Flask
- Django
from supertokens_python import init, InputAppInfo, SupertokensConfig
from supertokens_python.recipe import thirdpartyemailpassword, session
init(
app_info=InputAppInfo(
app_name="<YOUR_APP_NAME>",
api_domain="<YOUR_API_DOMAIN>",
website_domain="<YOUR_WEBSITE_DOMAIN>",
api_base_path="/auth",
website_base_path="/auth"
),
supertokens_config=SupertokensConfig(
connection_uri="",
api_key=""
),
framework='fastapi',
recipe_list=[
session.init(), # initializes session features
thirdpartyemailpassword.init(
# TODO: See next step
)
],
mode='asgi' # use wsgi if you are running using gunicorn
)
from supertokens_python import init, InputAppInfo, SupertokensConfig
from supertokens_python.recipe import thirdpartyemailpassword, session
init(
app_info=InputAppInfo(
app_name="<YOUR_APP_NAME>",
api_domain="<YOUR_API_DOMAIN>",
website_domain="<YOUR_WEBSITE_DOMAIN>",
api_base_path="/auth",
website_base_path="/auth"
),
supertokens_config=SupertokensConfig(
connection_uri="",
api_key=""
),
framework='flask',
recipe_list=[
session.init(), # initializes session features
thirdpartyemailpassword.init(
# TODO: See next step
)
]
)
from supertokens_python import init, InputAppInfo, SupertokensConfig
from supertokens_python.recipe import thirdpartyemailpassword, session
init(
app_info=InputAppInfo(
app_name="<YOUR_APP_NAME>",
api_domain="<YOUR_API_DOMAIN>",
website_domain="<YOUR_WEBSITE_DOMAIN>",
api_base_path="/auth",
website_base_path="/auth"
),
supertokens_config=SupertokensConfig(
connection_uri="",
api_key=""
),
framework='django',
recipe_list=[
session.init(), # initializes session features
thirdpartyemailpassword.init(
# TODO: See next step
)
],
mode='asgi' # use wsgi if you are running django server in sync mode
)
3) Initialise Social login providers#
Populate the providers array with the third party auth providers you want.
- NodeJS
- GoLang
- Python
- Other Frameworks
Important
For other backend frameworks, you can follow our guide on how to spin up a separate server configured with the SuperTokens backend SDK to authenticate requests and issue session tokens.
import SuperTokens from "supertokens-node";
import ThirdPartyEmailPassword from "supertokens-node/recipe/thirdpartyemailpassword";
SuperTokens.init({
appInfo: {
apiDomain: "...",
appName: "...",
websiteDomain: "...",
},
recipeList: [
ThirdPartyEmailPassword.init({
// We have provided you with development keys which you can use for testing.
// IMPORTANT: Please replace them with your own OAuth keys for production use.
providers: [{
config: {
thirdPartyId: "google",
clients: [{
clientId: "1060725074195-kmeum4crr01uirfl2op9kd5acmi9jutn.apps.googleusercontent.com",
clientSecret: "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"
}]
}
}, {
config: {
thirdPartyId: "github",
clients: [{
clientId: "467101b197249757c71f",
clientSecret: "e97051221f4b6426e8fe8d51486396703012f5bd"
}]
}
}, {
config: {
thirdPartyId: "apple",
clients: [{
clientId: "4398792-io.supertokens.example.service",
additionalConfig: {
keyId: "7M48Y4RYDL",
privateKey:
"-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgu8gXs+XYkqXD6Ala9Sf/iJXzhbwcoG5dMh1OonpdJUmgCgYIKoZIzj0DAQehRANCAASfrvlFbFCYqn3I2zeknYXLwtH30JuOKestDbSfZYxZNMqhF/OzdZFTV0zc5u5s3eN+oCWbnvl0hM+9IW0UlkdA\n-----END PRIVATE KEY-----",
teamId: "YWQCXGJRJL",
}
}]
}
}],
}),
// ...
]
});
import (
"github.com/supertokens/supertokens-golang/recipe/thirdparty/tpmodels"
"github.com/supertokens/supertokens-golang/recipe/thirdpartyemailpassword"
"github.com/supertokens/supertokens-golang/recipe/thirdpartyemailpassword/tpepmodels"
)
func main() {
// Inside supertokens.Init -> RecipeList
thirdpartyemailpassword.Init(&tpepmodels.TypeInput{
Providers: []tpmodels.ProviderInput{
// We have provided you with development keys which you can use for testing.
// IMPORTANT: Please replace them with your own OAuth keys for production use.
{
Config: tpmodels.ProviderConfig{
ThirdPartyId: "google",
Clients: []tpmodels.ProviderClientConfig{
{
ClientID: "1060725074195-kmeum4crr01uirfl2op9kd5acmi9jutn.apps.googleusercontent.com",
ClientSecret: "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",
},
},
},
},
{
Config: tpmodels.ProviderConfig{
ThirdPartyId: "github",
Clients: []tpmodels.ProviderClientConfig{
{
ClientID: "467101b197249757c71f",
ClientSecret: "e97051221f4b6426e8fe8d51486396703012f5bd",
},
},
},
},
{
Config: tpmodels.ProviderConfig{
ThirdPartyId: "apple",
Clients: []tpmodels.ProviderClientConfig{
{
ClientID: "4398792-io.supertokens.example.service",
AdditionalConfig: map[string]interface{}{
"keyId": "7M48Y4RYDL",
"privateKey": "-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgu8gXs+XYkqXD6Ala9Sf/iJXzhbwcoG5dMh1OonpdJUmgCgYIKoZIzj0DAQehRANCAASfrvlFbFCYqn3I2zeknYXLwtH30JuOKestDbSfZYxZNMqhF/OzdZFTV0zc5u5s3eN+oCWbnvl0hM+9IW0UlkdA\n-----END PRIVATE KEY-----",
"teamId": "YWQCXGJRJL",
},
},
},
},
},
},
})
}
from supertokens_python.recipe.thirdparty.provider import ProviderInput, ProviderConfig, ProviderClientConfig
from supertokens_python.recipe import thirdpartyemailpassword
# Inside init
thirdpartyemailpassword.init(
providers=[
# We have provided you with development keys which you can use for testing.
# IMPORTANT: Please replace them with your own OAuth keys for production use.
ProviderInput(
config=ProviderConfig(
third_party_id="google",
clients=[
ProviderClientConfig(
client_id="1060725074195-kmeum4crr01uirfl2op9kd5acmi9jutn.apps.googleusercontent.com",
client_secret="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",
),
],
),
),
ProviderInput(
config=ProviderConfig(
third_party_id="github",
clients=[
ProviderClientConfig(
client_id='467101b197249757c71f',
client_secret='e97051221f4b6426e8fe8d51486396703012f5bd'
),
],
),
),
ProviderInput(
config=ProviderConfig(
third_party_id="apple",
clients=[
ProviderClientConfig(
client_id="4398792-io.supertokens.example.service",
additional_config={
"keyId": "7M48Y4RYDL",
"privateKey": "-----BEGIN PRIVATE KEY-----\nMIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgu8gXs+XYkqXD6Ala9Sf/iJXzhbwcoG5dMh1OonpdJUmgCgYIKoZIzj0DAQehRANCAASfrvlFbFCYqn3I2zeknYXLwtH30JuOKestDbSfZYxZNMqhF/OzdZFTV0zc5u5s3eN+oCWbnvl0hM+9IW0UlkdA\n-----END PRIVATE KEY-----",
"teamId": "YWQCXGJRJL"
},
),
],
),
),
]
)
When you want to generate your own keys, please refer to the corresponding documentation to get your client ids and client secrets for each of the below providers:
- Generate your client ID and secret by following the docs here
- Set the authorisation callback URL to
<YOUR_WEBSITE_DOMAIN>/auth/callback/google
Github
- Generate your client ID and secret by following the docs here
- Set the authorisation callback URL to
<YOUR_WEBSITE_DOMAIN>/auth/callback/github
Apple
- Generate your client ID and secret by following this article
- Set the authorisation callback URL to
<YOUR_API_DOMAIN>/auth/callback/apple. Note that Apple doesn't allowlocalhostin the URL. So if you are in dev mode, you can use the dev keys we have provided above.
important
You can find the list of built in providers here. To add a provider that is not listed, you can follow our guide on setting up custom providers.
4) Add the SuperTokens APIs & CORS setup#
- NodeJS
- GoLang
- Python
- Other Frameworks
Important
For other backend frameworks, you can follow our guide on how to spin up a separate server configured with the SuperTokens backend SDK to authenticate requests and issue session tokens.
- Express
- Hapi
- Fastify
- Koa
- Loopback
- Serverless
- Next.js
- Nest.js
info
Please refer the AWS lambda, Vercel or Netlify sections (In the Integrations section on the left nav bar)
info
Please refer the NextJS section (In the Integrations section on the left nav bar)
info
Please refer the NestJS section (In the Integrations section on the left nav bar)
important
- Add the
middlewareBEFORE all your routes. - Add the
corsmiddleware BEFORE the SuperTokens middleware as shown below.
import express from "express";
import cors from "cors";
import supertokens from "supertokens-node";
import {middleware} from "supertokens-node/framework/express";
let app = express();
app.use(cors({
origin: "<YOUR_WEBSITE_DOMAIN>",
allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()],
credentials: true,
}));
// IMPORTANT: CORS should be before the below line.
app.use(middleware());
// ...your API routes
This middleware adds a few APIs (see all the APIs here):
POST /auth/signinup: For signing up/signing in a user using a thirdparty provider.POST /auth/signup: For signing up a user with email & passwordPOST /auth/signin: For signing in a user with email & password
Register the plugin.
import Hapi from "@hapi/hapi";
import supertokens from "supertokens-node";
import { plugin } from "supertokens-node/framework/hapi";
let server = Hapi.server({
port: 8000,
routes: {
cors: {
origin: ["<YOUR_WEBSITE_DOMAIN>"],
additionalHeaders: [...supertokens.getAllCORSHeaders()],
credentials: true,
}
}
});
(async () => {
await server.register(plugin);
await server.start();
})();
// ...your API routes
This plugin adds a few APIs (see all the APIs here) as well take care of all the errors thrown by the Supertokens library:
POST /auth/signinup: For signing up/signing in a user using a thirdparty provider.POST /auth/signup: For signing up a user with email & passwordPOST /auth/signin: For signing in a user with email & password
Register the plugin. Also register @fastify/formbody plugin.
import cors from "@fastify/cors";
import supertokens from "supertokens-node";
import { plugin } from "supertokens-node/framework/fastify";
import formDataPlugin from "@fastify/formbody";
import fastifyImport from "fastify";
let fastify = fastifyImport();
// ...other middlewares
fastify.register(cors, {
origin: "<YOUR_WEBSITE_DOMAIN>",
allowedHeaders: ['Content-Type', ...supertokens.getAllCORSHeaders()],
credentials: true,
});
(async () => {
await fastify.register(formDataPlugin);
await fastify.register(plugin);
await fastify.listen(8000);
})();
// ...your API routes
This plugin adds a few APIs (see all the APIs here):
POST /auth/signinup: For signing up/signing in a user using a thirdparty provider.POST /auth/signup: For signing up a user with email & passwordPOST /auth/signin: For signing in a user with email & password
important
Add the middleware BEFORE all your routes.
import cors from '@koa/cors';
import Koa from "koa";
import supertokens from "supertokens-node";
import { middleware } from "supertokens-node/framework/koa";
let app = new Koa();
// ...other middlewares
app.use(cors({
origin: "<YOUR_WEBSITE_DOMAIN>",
allowHeaders: ["content-type", ...supertokens.getAllCORSHeaders()],
credentials: true,
}));
app.use(middleware());
// ...your API routes
This middleware adds a few APIs (see all the APIs here):
POST /auth/signinup: For signing up/signing in a user using a thirdparty provider.POST /auth/signup: For signing up a user with email & passwordPOST /auth/signin: For signing in a user with email & password
important
Add the middleware BEFORE all your routes.
import supertokens from "supertokens-node";
import { middleware } from "supertokens-node/framework/loopback";
import { RestApplication } from '@loopback/rest';
let app = new RestApplication({
rest: {
cors: {
origin: "<YOUR_WEBSITE_DOMAIN>",
allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()],
credentials: true
}
}
});
app.middleware(middleware);
// ...your API routes
This middleware adds a few APIs (see all the APIs here):
POST /auth/signinup: For signing up/signing in a user using a thirdparty provider.POST /auth/signup: For signing up a user with email & passwordPOST /auth/signin: For signing in a user with email & password
- Chi
- net/http
- Gin
- Mux
Use the supertokens.Middleware and the supertokens.GetAllCORSHeaders() functions as shown below.
import (
"net/http"
"strings"
"github.com/supertokens/supertokens-golang/supertokens"
)
func main() {
// SuperTokens init...
http.ListenAndServe("SERVER ADDRESS", corsMiddleware(
supertokens.Middleware(http.HandlerFunc(func(rw http.ResponseWriter,
r *http.Request) {
// TODO: Handle your APIs..
}))))
}
func corsMiddleware(next http.Handler) http.Handler {
return http.HandlerFunc(func(response http.ResponseWriter, r *http.Request) {
response.Header().Set("Access-Control-Allow-Origin", "<YOUR_WEBSITE_DOMAIN>")
response.Header().Set("Access-Control-Allow-Credentials", "true")
if r.Method == "OPTIONS" {
// we add content-type + other headers used by SuperTokens
response.Header().Set("Access-Control-Allow-Headers",
strings.Join(append([]string{"Content-Type"},
supertokens.GetAllCORSHeaders()...), ","))
response.Header().Set("Access-Control-Allow-Methods", "*")
response.Write([]byte(""))
} else {
next.ServeHTTP(response, r)
}
})
}
Use the supertokens.Middleware and the supertokens.GetAllCORSHeaders() functions as shown below.
import (
"net/http"
"github.com/gin-contrib/cors"
"github.com/gin-gonic/gin"
"github.com/supertokens/supertokens-golang/supertokens"
)
func main() {
// SuperTokens init...
router := gin.New()
// CORS
router.Use(cors.New(cors.Config{
AllowOrigins: []string{"<YOUR_WEBSITE_DOMAIN>"},
AllowMethods: []string{"GET", "POST", "DELETE", "PUT", "OPTIONS"},
AllowHeaders: append([]string{"content-type"},
supertokens.GetAllCORSHeaders()...),
AllowCredentials: true,
}))
// Adding the SuperTokens middleware
router.Use(func(c *gin.Context) {
supertokens.Middleware(http.HandlerFunc(
func(rw http.ResponseWriter, r *http.Request) {
c.Next()
})).ServeHTTP(c.Writer, c.Request)
// we call Abort so that the next handler in the chain is not called, unless we call Next explicitly
c.Abort()
})
// Add APIs and start server
}
Use the supertokens.Middleware and the supertokens.GetAllCORSHeaders() functions as shown below.
import (
"github.com/go-chi/chi"
"github.com/go-chi/cors"
"github.com/supertokens/supertokens-golang/supertokens"
)
func main() {
// SuperTokens init...
r := chi.NewRouter()
// CORS
r.Use(cors.Handler(cors.Options{
AllowedOrigins: []string{"<YOUR_WEBSITE_DOMAIN>"},
AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
AllowedHeaders: append([]string{"Content-Type"},
supertokens.GetAllCORSHeaders()...),
AllowCredentials: true,
}))
// SuperTokens Middleware
r.Use(supertokens.Middleware)
// Add APIs and start server
}
Use the supertokens.Middleware and the supertokens.GetAllCORSHeaders() functions as shown below.
import (
"net/http"
"github.com/gorilla/handlers"
"github.com/gorilla/mux"
"github.com/supertokens/supertokens-golang/supertokens"
)
func main() {
// SuperTokens init...
// Add APIs
router := mux.NewRouter()
// Adding handlers.CORS(options)(supertokens.Middleware(router)))
http.ListenAndServe("SERVER ADDRESS", handlers.CORS(
handlers.AllowedHeaders(append([]string{"Content-Type"},
supertokens.GetAllCORSHeaders()...)),
handlers.AllowedMethods([]string{"GET", "POST", "PUT", "HEAD", "OPTIONS"}),
handlers.AllowedOrigins([]string{"<YOUR_WEBSITE_DOMAIN>"}),
handlers.AllowCredentials(),
)(supertokens.Middleware(router)))
}
This Middleware adds a few APIs (see all the APIs here):
POST /auth/signinup: For signing up/signing in a user using a thirdparty provider.POST /auth/signup: For signing up a user with email & passwordPOST /auth/signin: For signing in a user with email & password
- FastAPI
- Flask
- Django
Use the Middleware (BEFORE all your routes) and the get_all_cors_headers() functions as shown below.
from supertokens_python import get_all_cors_headers
from fastapi import FastAPI
from starlette.middleware.cors import CORSMiddleware
from supertokens_python.framework.fastapi import get_middleware
app = FastAPI()
app.add_middleware(get_middleware())
# TODO: Add APIs
app.add_middleware(
CORSMiddleware,
allow_origins=[
"<YOUR_WEBSITE_DOMAIN>"
],
allow_credentials=True,
allow_methods=["GET", "PUT", "POST", "DELETE", "OPTIONS", "PATCH"],
allow_headers=["Content-Type"] + get_all_cors_headers(),
)
# TODO: start server
- Use the
Middleware(BEFORE all your routes and after calling init function) and theget_all_cors_headers()functions as shown below. - Add a route to catch all paths and return a 404. This is needed because if we don't add this, then OPTIONS request for the APIs exposed by the
Middlewarewill return a404.
from supertokens_python import get_all_cors_headers
from flask import Flask, abort
from flask_cors import CORS
from supertokens_python.framework.flask import Middleware
app = Flask(__name__)
Middleware(app)
# TODO: Add APIs
CORS(
app=app,
origins=[
"<YOUR_WEBSITE_DOMAIN>"
],
supports_credentials=True,
allow_headers=["Content-Type"] + get_all_cors_headers(),
)
# This is required since if this is not there, then OPTIONS requests for
# the APIs exposed by the supertokens' Middleware will return a 404
@app.route('/', defaults={'u_path': ''})
@app.route('/<path:u_path>')
def catch_all(u_path: str):
abort(404)
# TODO: start server
Use the Middleware and the get_all_cors_headers() functions as shown below in your settings.py.
from supertokens_python import get_all_cors_headers
from typing import List
from corsheaders.defaults import default_headers
CORS_ORIGIN_WHITELIST = [
"<YOUR_WEBSITE_DOMAIN>"
]
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOWED_ORIGINS = [
"<YOUR_WEBSITE_DOMAIN>"
]
CORS_ALLOW_HEADERS: List[str] = list(default_headers) + [
"Content-Type"
] + get_all_cors_headers()
INSTALLED_APPS = [
'corsheaders',
'supertokens_python'
]
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
...,
'supertokens_python.framework.django.django_middleware.middleware',
]
This Middleware adds a few APIs (see all the APIs here):
POST /auth/signinup: For signing up/signing in a user using a thirdparty provider.POST /auth/signup: For signing up a user with email & passwordPOST /auth/signin: For signing in a user with email & password
5) Add the SuperTokens error handler#
- NodeJS
- GoLang
- Python
- Other Frameworks
Important
For other backend frameworks, you can follow our guide on how to spin up a separate server configured with the SuperTokens backend SDK to authenticate requests and issue session tokens.
- Express
- Hapi
- Fastify
- Koa
- Loopback
- Serverless
- Next.js
- Nest.js
info
Please refer the AWS lambda, Vercel or Netlify sections (In the Integrations section on the left nav bar)
info
Please refer the NextJS section (In the Integrations section on the left nav bar)
info
Please refer the NestJS section (In the Integrations section on the left nav bar)
import { errorHandler } from "supertokens-node/framework/express";
import express from "express";
let app = express();
// ...your API routes
// Add this AFTER all your routes
app.use(errorHandler())
// your own error handler
app.use((err: any, req: express.Request, res: express.Response, next: express.NextFunction) => {
// Your error handler logic
});
No additional errorHandler is required.
Add the errorHandler Before all your routes and plugin registration
import { errorHandler } from "supertokens-node/framework/fastify";
import fastify from 'fastify'
const server = fastify()
server.setErrorHandler(errorHandler());
// ...your API routes
No additional errorHandler is required.
No additional errorHandler is required.
info
You can skip this step
info
You can skip this step
6) Setup the SuperTokens core#
You need to now setup an instance of the SuperTokens core for your app (that your backend should connect to). You have two options:
- Managed service
- Self hosted with your own database (With Docker or Without Docker)
