:bug fix(auth-refresh): update supertokens-node and add refresh failure logging

Author: victor-enogwe

packages/backend/package.json

@@ -23,7 +23,7 @@
     "rrule": "^2.7.2",
     "saslprep": "^1.0.3",
     "socket.io": "^4.7.5",
-    "supertokens-node": "^20.0.5",
+    "supertokens-node": "^23.0.1",
     "tslib": "^2.4.0"
   },
   "devDependencies": {

packages/backend/src/common/middleware/supertokens.middleware.ts

@@ -11,10 +11,14 @@ import {
   PORT_DEFAULT_BACKEND,
   PORT_DEFAULT_WEB,
 } from "@core/constants/core.constants";
+import { Status } from "@core/errors/status.codes";
+import { Logger } from "@core/logger/winston.logger";
 import { ENV } from "@backend/common/constants/env.constants";
 import { SupertokensAccessTokenPayload } from "@backend/common/types/supertokens.types";
 import { webSocketServer } from "@backend/servers/websocket/websocket.server";
 
+const logger = Logger("app:supertokens.middleware");
+
 export const initSupertokens = () => {
   SuperTokens.init({
     appInfo: {
@@ -32,6 +36,18 @@ export const initSupertokens = () => {
     recipeList: [
       Dashboard.init(),
       Session.init({
+        errorHandlers: {
+          onTryRefreshToken: async (message, _request, response) => {
+            logger.warn(
+              `Session expired: ${message}. User tried to refresh the session.`,
+            );
+
+            response.setStatusCode(Status.UNAUTHORIZED);
+            response.sendJSONResponse({
+              error: "Session expired. Please log in again.",
+            });
+          },
+        },
         override: {
           apis(originalImplementation) {
             return {

yarn.lock

@@ -4892,11 +4892,6 @@ cookie-signature@1.0.6:
   resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c"
   integrity sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==
 
-cookie@0.4.0:
-  version "0.4.0"
-  resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.4.0.tgz#beb437e7022b3b6d49019d088665303ebe9c14ba"
-  integrity sha512-+Hp8fLp57wnUSt0tY0tHEXh4voZRDnoIrZPqlo3DPiI4y9lwg/jqx+1Om94/W6ZaPDOUbnjOt/99w66zk+l1Xg==
-
 cookie@0.7.1:
   version "0.7.1"
   resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.7.1.tgz#2f73c42142d5d5cf71310a74fc4ae61670e5dbc9"
@@ -4907,7 +4902,7 @@ cookie@^0.4.2:
   resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.4.2.tgz#0e41f24de5ecf317947c82fc789e06a884824432"
   integrity sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==
 
-cookie@~0.7.2:
+cookie@^0.7.2, cookie@~0.7.2:
   version "0.7.2"
   resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.7.2.tgz#556369c472a2ba910f2979891b526b3436237ed7"
   integrity sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==
@@ -10735,7 +10730,7 @@ serve-static@1.16.2:
     parseurl "~1.3.3"
     send "0.19.0"
 
-set-cookie-parser@^2.4.6:
+set-cookie-parser@^2.4.6, set-cookie-parser@^2.6.0:
   version "2.7.1"
   resolved "https://registry.yarnpkg.com/set-cookie-parser/-/set-cookie-parser-2.7.1.tgz#3016f150072202dfbe90fadee053573cc89d2943"
   integrity sha512-IOc8uWeOZgnb3ptbCURJWNjWUPcO3ZnTTdzsurqERrP6nPyv+paC55vJM0LpOlT2ne+Ix+9+CRG1MNLlyZ4GjQ==
@@ -11383,14 +11378,14 @@ supertokens-js-override@0.0.4, supertokens-js-override@^0.0.4:
   resolved "https://registry.yarnpkg.com/supertokens-js-override/-/supertokens-js-override-0.0.4.tgz#9af583fbc5e1f0195dbb358c4fcf75f44c76dc09"
   integrity sha512-r0JFBjkMIdep3Lbk3JA+MpnpuOtw4RSyrlRAbrzMcxwiYco3GFWl/daimQZ5b1forOiUODpOlXbSOljP/oyurg==
 
-supertokens-node@^20.0.5:
-  version "20.1.7"
-  resolved "https://registry.yarnpkg.com/supertokens-node/-/supertokens-node-20.1.7.tgz#d06511de0891b22d499fb219519864aef29706d9"
-  integrity sha512-Ol3LhYksxBBpmmzx8MX9sPSaaVI4x58gMpHbdy7wlzwpC3TM44HIEmAMD++ig3oOUNSvppqQVDkAcCFNafpl1w==
+supertokens-node@^23.0.1:
+  version "23.0.1"
+  resolved "https://registry.yarnpkg.com/supertokens-node/-/supertokens-node-23.0.1.tgz#adc12cef47a0c1af1eddfe84db49ae8ff73af855"
+  integrity sha512-cCuY9Y5Mj93Pg1ktbqilouWgAoQWniQauftB4Ef6rfOchogx13XTo1pNP14zezn2rSf7WIPb9iaZb5zif6TKtQ==
   dependencies:
     buffer "^6.0.3"
     content-type "^1.0.5"
-    cookie "0.4.0"
+    cookie "^0.7.2"
     cross-fetch "^3.1.6"
     debug "^4.3.3"
     jose "^4.13.1"
@@ -11399,6 +11394,7 @@ supertokens-node@^20.0.5:
     pako "^2.1.0"
     pkce-challenge "^3.0.0"
     process "^0.11.10"
+    set-cookie-parser "^2.6.0"
     supertokens-js-override "^0.0.4"
     tldts "^6.1.48"
     twilio "^4.19.3"