Skip to main content

Session Verification using getSession

caution

Please use the verifySession middleware whenever possible as it is simpler to use.

Requiring an active session#

let Session = require("supertokens-node/recipe/session");
app.post("/like-comment", (req, res) => {        let session = await Session.getSession(req, res);        if (session === undefined) {        throw Error("Should never come here")    }         let userId = session.getUserId();     //....});

Optional session verification#

Sometimes, you want an API to be accessible even if there is no session. In that case, you can use the sessionRequired flag:

let Session = require("supertokens-node/recipe/session");
app.post("/like-comment", (req, res) => {        let session = await Session.getSession(req, res, {sessionRequired: false})        if (session !== undefined) {        let userId = session.getUserId();    } else {        // user is not logged in...    }     //....});