Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
supertokens-website
Advanced tools
supertokens-website - npm Package Versions
supertokens
published 20.1.5 • Changelog
[20.1.5] - 2024-10-03
Changes
- Added
3.1and4.0to the list of supported FDIs - Now we throw and log an error if a successful refresh response doesn't have the
front-tokenheader. This used to break the session state.
supertokens
published 20.1.4 • Changelog
[20.1.4] - 2024-07-11
Changes
- Removed redundant
removeTokencalls - Improves test stability
supertokens
published 20.1.2 • Changelog
[20.1.2] - 2024-06-26
Changes
- Fixed a session refresh loop caused by blocked cookie writes. The SDK would throw/log a helpful error message when this happens.
supertokens
published 20.1.1 • Changelog
[20.1.1] - 2024-06-13
Changes
- Added a warning if the SDK can't save to cookies to help people notice/debug these issues faster.
Fixes
- Fixed an issue in the Axios interceptor that caused it to throw when encountering a network error
supertokens
published 20.1.0 • Changelog
[20.1.0] - 2024-05-31
Changes
- Fixed the session refresh loop in all the request interceptors that occurred when an API returned a 401 response despite a valid session. Interceptors now attempt to refresh the session a maximum of ten times before throwing an error. The retry limit is configurable via the
maxRetryAttemptsForSessionRefreshoption.
supertokens
published 20.0.1 • Changelog
[20.0.1] - 2024-05-24
Changes
- Added 2.0 and 3.0 to supported FDIs
- Now we use the locking to make sure that refreshing claims happens only once even for concurrent validateClaims calls
- The locking mechanism is configurable through by providing a
lockFactoryfunction in the configuration
- The locking mechanism is configurable through by providing a
supertokens
published 20.0.0 • Changelog
[20.0.0] - 2024-04-03
Breaking changes
The shouldDoInterceptionBasedOnUrl function now returns true:
- If
sessionTokenBackendDomainis a valid subdomain of the URL's domain. This aligns with the behavior of browsers when sending cookies to subdomains. - Even if the ports of the URL you are querying are different compared to the
apiDomain's port ot thesessionTokenBackendDomainport (as long as the hostname is the same, or a subdomain of thesessionTokenBackendDomain): https://github.com/supertokens/supertokens-website/issues/217
Before:
shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "api.example.com") // false
shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".api.example.com") // true
shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "example.com") // false
shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".example.com") // true
shouldDoInterceptionBasedOnUrl("https://api.example.com", "", ".example.com:8080") // false
shouldDoInterceptionBasedOnUrl("https://api.example.com", "https://example.com:8080") // false
After:
shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "api.example.com") // true
shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".api.example.com") // true
shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "example.com") // true
shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".example.com") // true
shouldDoInterceptionBasedOnUrl("https://api.example.com", "", ".example.com:8080") // true
shouldDoInterceptionBasedOnUrl("https://api.example.com", "https://example.com:8080") // true
supertokens
published 19.0.0 • Changelog
[19.0.0] - 2024-03-14
Breaking changes
- Rename
validatorIdin claim validation errors toidto match the backend SDKs
Changes
- Added
1.19to the list of supported FDIs