Back

Confusion around CreateEmailPasswordSession

  • 0
  • REST API
Pingu
9 Jun, 2024, 15:58

Hey,

So I am doing things in postman so its language agnostic...

I am posting a valid email and password to https://cloud.appwrite.io/v1/account/sessions/email, providing the project Id, response format and key headers correctly.

The response I get back contains a secret, as I expect. However I am sure that previously (a few weeks ago?) this secret was returning the actual secret? Whereas now it is returning a malformed JWT.

When decoding from base64, it reads as a json object similar to (obviously redacted):

TypeScript
{
  "id": "664.........",
  "secret": "82d........."
}

For context, I am implementing SSR logging in. The docs for SSR login imply that we should expect just the secret to be returned, and not this base64 encoded object (as it shows setting a cookie as session with this value, and then later using the value without any decoding etc in sessionClient.setSession).

Anyway, I'm not using js so I can't just use the SDK. I am using C#, and have tried the SDK but to no avail (so am writing my own SDK, hence the postman).

Now, in postman, making a GET request to /account and using the secret which I get from decoding the secret returned from /account/sessions/email and then using just the secret property, as the X-Appwrite-Session header - it works and I get the data back that I expect.

I might be going mad, but I'm sure that I remember this working differently previously though? It feels like extra hoops to jump through to get the secret. Are the SSR docs out of date, or is something not going correct here?

TL;DR
Developers are experiencing confusion with the `CreateEmailPasswordSession` method in Postman. The response now includes a base64 encoded object instead of just the secret, as described in the SSR login documentation. Decoding the object reveals a JSON structure with the required secret. By manually extracting the secret key and utilizing it in subsequent requests, developers were able to access the expected data successfully. The discrepancy raises questions regarding potential changes in the expected behavior of the API.
Reply

Reply to this thread by joining our Discord

Reply on Discord

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more