Closed rishabhpoddar closed 1 year ago
porcellus
commented
1 year ago You could achieve something like this by adding #superTokensDoNotDoInterception into the request URL to disable interception for a request. AFAIK the hash part is removed by the browsers before sending the request.
morgante
commented
1 year ago I definitely don't want to insert hashes into (all of) our API requests.
rishabhpoddar
commented
1 year ago This has been released in version >= 17.0.1. The code snippet below is from the point of view of customising the session recipe in web-js / auth-react SDKs
Session.init({
override: {
functions: (oI) => {
return {
...oI,
shouldDoInterceptionBasedOnUr: (url, apiDomain, sessionTokenBackendDomain) => {
try {
let urlObj = new URL(url);
if (!urlObj.pathname.startsWith("/auth")) {
return false;
}
} catch (ignored) { }
return oI.shouldDoInterceptionBasedOnUrl(url, apiDomain, sessionTokenBackendDomain);
}
}
}
}
})
The way we had originally allowed this was to allow users to override the recipe functions for adding interceptors to axios, fetch and XHR.
But if the user override those, then our internal function calls (from web-js and auth-react SDK) will also not have those interceptors applied to them cause APIs calls (like sign in, sign out) made by them to break.
One solution could be to make the shouldDoInterception function overridable as well, so that users can return
truefor/authAPI calls, and return/falsefor others.