Get User Info
There are several ways to fetch information about a user:
- Using their user ID, you can get their email ID, time joined, and metadata that is saved in the user metadata recipe.
- If the user logged in via a third party providers, you can get their profile info in the post sign up override along with the provider's access token. You can save this information in the user metadata recipe for later retrieval.
- Lastly, you can get the user's session information and access token payload from their session handle (offline mode), or from the currently logged in session object (online mode).
#
Fetching information using the user's email- NodeJS
- GoLang
- Python
- Other Frameworks
Important
Use the listUsersByAccountInfo
function to retrieve a user's data, specifying the account type and providing the user's email as criteria.
import supertokens from "supertokens-node";
async function getUserInfo() {
let usersInfo = await supertokens.listUsersByAccountInfo("public", {
email: "test@example.com"
});
/**
*
* userInfo contains the following info:
* - emails
* - id
* - timeJoined
* - tenantIds
* - phone numbers
* - third party login info
* - all the login methods associated with this user.
* - information about if the user's email is verified or not.
*
*/
}
You can get a user's information on the backend using the GetUserByEmail
, GetUserByPhoneNumber
and GetUserById
functions:
import (
"fmt"
"github.com/supertokens/supertokens-golang/recipe/thirdpartypasswordless"
)
func main() {
// Note that usersInfo has type User[]
// You can learn more about the `User` object over here https://github.com/supertokens/core-driver-interface/wiki
userInfo, err := thirdpartypasswordless.GetUsersByEmail("public", "test@example.com")
if err != nil {
// TODO: Handle error
return
}
fmt.Println(userInfo)
//...
}
- Asyncio
- Syncio
You can get a user's information on the backend using the get_users_by_email
function:
from supertokens_python.recipe.thirdpartypasswordless.asyncio import get_users_by_email
async def some_func():
# Note that users_info has type List[User]
user_info = await get_users_by_email("public", "test@example.com")
print(user_info)
You can get a user's information on the backend using the get_users_by_email
function:
from supertokens_python.recipe.thirdpartypasswordless.syncio import get_users_by_email
# Note that users_info has type List[User]
# You can learn more about the `User` object over here https://github.com/supertokens/core-driver-interface/wiki
user_info = get_users_by_email("public", "test@example.com")
Multi Tenancy
Notice that the first argument of the above function is "public"
. This is the default tenantId
which means that SuperTokens will return information about the user whose email is "test@example.com"
in the "public"
tenant.
If you are using our multi-tenancy feature, you can pass in a different tenantId
to get information about a user in a different tenant.
#
Fetching information using the user's phone number- NodeJS
- GoLang
- Python
- Other Frameworks
Important
import supertokens from "supertokens-node";
async function handler() {
let usersInfo = await supertokens.listUsersByAccountInfo("public", {
phoneNumber: "+1234567890"
});
/**
*
* userInfo contains the following info:
* - emails
* - id
* - timeJoined
* - tenantIds
* - phone numbers
* - third party login info
* - all the login methods associated with this user.
* - information about if the user's email is verified or not.
*
*/
}
import (
"fmt"
"github.com/supertokens/supertokens-golang/recipe/thirdpartypasswordless"
)
func main() {
tenantId := "public"
userInfo, err := passwordless.GetUserByPhoneNumber(tenantId, "+1234567890")
if err != nil {
// TODO: Handle error
return
}
fmt.Println(userInfo)
//...
}
- Asyncio
- Syncio
from supertokens_python.recipe.passwordless.asyncio import get_user_by_phone_number
async def some_func():
_ = await get_user_by_phone_number("public", "+1234567890")
from supertokens_python.recipe.thirdpartypasswordless.syncio import get_user_by_phone_number
user_info = get_user_by_phone_number("public", "+1234567890")
Multi Tenancy
Notice that we pass in the "public"
tenantId to the function call above. This is the default tenantID and will return the user with the given phone number that belongs to the public
tenant. You can provide a different tenantID if required.
#
Fetching information using the user's IDRetrieve the user's ID by calling:
- the
getUser
function for NodeJS - the
GetUserById
function for GoLang - the
get_user_by_id
function for Python
Refer to the code snippets below for example usage:
- NodeJS
- GoLang
- Python
- Other Frameworks
Important
- Express
- Hapi
- Fastify
- Koa
- Loopback
- AWS Lambda / Netlify
- Next.js (Pages Dir)
- Next.js (App Dir)
- NestJS
import express from "express";
import { verifySession } from "supertokens-node/recipe/session/framework/express";
import { SessionRequest } from 'supertokens-node/framework/express';
import supertokens from "supertokens-node";
let app = express();
app.get("/get-user-info", verifySession(), async (req: SessionRequest, res) => {
let userId = req.session!.getUserId();
let userInfo = await supertokens.getUser(userId)
/**
*
* userInfo contains the following info:
* - emails
* - id
* - timeJoined
* - tenantIds
* - phone numbers
* - third party login info
* - all the login methods associated with this user.
* - information about if the user's email is verified or not.
*
*/
})
import { verifySession } from "supertokens-node/recipe/session/framework/hapi";
import Hapi from "@hapi/hapi";
import { SessionRequest } from "supertokens-node/framework/hapi";
import supertokens from "supertokens-node";
let server = Hapi.server({ port: 8000 });
server.route({
path: "/get-user-info",
method: "get",
options: {
pre: [
{
method: verifySession()
},
],
},
handler: async (req: SessionRequest, res) => {
let userId = req.session!.getUserId();
let userInfo = await supertokens.getUser(userId)
/**
*
* userInfo contains the following info:
* - emails
* - id
* - timeJoined
* - tenantIds
* - phone numbers
* - third party login info
* - all the login methods associated with this user.
* - information about if the user's email is verified or not.
*
*/
}
})
import Fastify from "fastify";
import { verifySession } from "supertokens-node/recipe/session/framework/fastify";
import { SessionRequest } from 'supertokens-node/framework/fastify';
import supertokens from "supertokens-node";
const fastify = Fastify();
fastify.post("/like-comment", {
preHandler: verifySession(),
}, async (req: SessionRequest, res) => {
let userId = req.session!.getUserId();
let userInfo = await supertokens.getUser(userId)
/**
*
* userInfo contains the following info:
* - emails
* - id
* - timeJoined
* - tenantIds
* - phone numbers
* - third party login info
* - all the login methods associated with this user.
* - information about if the user's email is verified or not.
*
*/
});
import { verifySession } from "supertokens-node/recipe/session/framework/awsLambda";
import { SessionEvent } from "supertokens-node/framework/awsLambda";
import supertokens from "supertokens-node";
async function getUserInfo(awsEvent: SessionEvent) {
let userId = awsEvent.session!.getUserId();
let userInfo = await supertokens.getUser(userId)
/**
*
* userInfo contains the following info:
* - emails
* - id
* - timeJoined
* - tenantIds
* - phone numbers
* - third party login info
* - all the login methods associated with this user.
* - information about if the user's email is verified or not.
*
*/
};
exports.handler = verifySession(getUserInfo);
import KoaRouter from "koa-router";
import { verifySession } from "supertokens-node/recipe/session/framework/koa";
import { SessionContext } from "supertokens-node/framework/koa";
import supertokens from "supertokens-node";
let router = new KoaRouter();
router.get("/get-user-info", verifySession(), async (ctx: SessionContext, next) => {
let userId = ctx.session!.getUserId();
let userInfo = await supertokens.getUser(userId)
/**
*
* userInfo contains the following info:
* - emails
* - id
* - timeJoined
* - tenantIds
* - phone numbers
* - third party login info
* - all the login methods associated with this user.
* - information about if the user's email is verified or not.
*
*/
});
import { inject, intercept } from "@loopback/core";
import { RestBindings, MiddlewareContext, get, response } from "@loopback/rest";
import { verifySession } from "supertokens-node/recipe/session/framework/loopback";
import Session from "supertokens-node/recipe/session";
import { SessionContext } from "supertokens-node/framework/loopback";
import supertokens from "supertokens-node";
class GetUserInfo {
constructor(@inject(RestBindings.Http.CONTEXT) private ctx: MiddlewareContext) {}
@get("/get-user-info")
@intercept(verifySession())
@response(200)
async handler() {
let userId = ((this.ctx as any).session as Session.SessionContainer).getUserId();
let userInfo = await supertokens.getUser(userId)
/**
*
* userInfo contains the following info:
* - emails
* - id
* - timeJoined
* - tenantIds
* - phone numbers
* - third party login info
* - all the login methods associated with this user.
* - information about if the user's email is verified or not.
*
*/
}
}
import { superTokensNextWrapper } from 'supertokens-node/nextjs'
import { verifySession } from "supertokens-node/recipe/session/framework/express";
import { SessionRequest } from "supertokens-node/framework/express";
import supertokens from "supertokens-node";
export default async function likeComment(req: SessionRequest, res: any) {
await superTokensNextWrapper(
async (next) => {
await verifySession()(req, res, next);
},
req,
res
)
let userId = req.session!.getUserId();
let userInfo = await supertokens.getUser(userId)
/**
*
* userInfo contains the following info:
* - emails
* - id
* - timeJoined
* - tenantIds
* - phone numbers
* - third party login info
* - all the login methods associated with this user.
* - information about if the user's email is verified or not.
*
*/
}
import { NextResponse, NextRequest } from "next/server";
import SuperTokens from "supertokens-node";
import { withSession } from "supertokens-node/nextjs";
import { backendConfig } from "@/app/config/backend";
SuperTokens.init(backendConfig());
export function POST(request: NextRequest) {
return withSession(request, async (err, session) => {
if (err) {
return NextResponse.json(err, { status: 500 });
}
const userId = session!.getUserId();
let userInfo = await SuperTokens.getUser(userId)
/**
*
* userInfo contains the following info:
* - emails
* - id
* - timeJoined
* - tenantIds
* - phone numbers
* - third party login info
* - all the login methods associated with this user.
* - information about if the user's email is verified or not.
*
*/
return NextResponse.json({});
});
}
import { Controller, Post, UseGuards, Request, Response } from "@nestjs/common";
import { AuthGuard } from './auth/auth.guard';
import { Session } from './auth/session.decorator';
import { SessionRequest } from "supertokens-node/framework/express";
import supertokens from "supertokens-node";
@Controller()
export class ExampleController {
@Post('example')
@UseGuards(new AuthGuard()) // For more information about this guard please read our NestJS guide.
async postExample(@Request() req: SessionRequest, @Session() session: Session, @Response({passthrough: true}) res: Response): Promise<boolean> {
let userId = session.getUserId();
let userInfo = await supertokens.getUser(userId)
/**
*
* userInfo contains the following info:
* - emails
* - id
* - timeJoined
* - tenantIds
* - phone numbers
* - third party login info
* - all the login methods associated with this user.
* - information about if the user's email is verified or not.
*
*/
return true;
}
}
- Chi
- net/http
- Gin
- Mux
import (
"fmt"
"net/http"
"github.com/supertokens/supertokens-golang/recipe/session"
"github.com/supertokens/supertokens-golang/recipe/thirdpartypasswordless"
)
func main() {
_ = http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
session.VerifySession(nil, getUserInfoAPI).ServeHTTP(rw, r)
})
}
func getUserInfoAPI(w http.ResponseWriter, r *http.Request) {
sessionContainer := session.GetSessionFromRequestContext(r.Context())
userID := sessionContainer.GetUserID()
// You can learn more about the `User` object over here https://github.com/supertokens/core-driver-interface/wiki
userInfo, err := thirdpartypasswordless.GetUserByID(userID)
if err != nil {
// TODO: Handle error
return
}
fmt.Println(userInfo)
}
import (
"fmt"
"net/http"
"github.com/gin-gonic/gin"
"github.com/supertokens/supertokens-golang/recipe/session"
"github.com/supertokens/supertokens-golang/recipe/session/sessmodels"
"github.com/supertokens/supertokens-golang/recipe/thirdpartypasswordless"
)
func main() {
router := gin.New()
router.GET("/getuserinfo", verifySession(nil), getUserInfoAPI)
}
func verifySession(options *sessmodels.VerifySessionOptions) gin.HandlerFunc {
return func(c *gin.Context) {
session.VerifySession(options, func(rw http.ResponseWriter, r *http.Request) {
c.Request = c.Request.WithContext(r.Context())
c.Next()
})(c.Writer, c.Request)
// we call Abort so that the next handler in the chain is not called, unless we call Next explicitly
c.Abort()
}
}
func getUserInfoAPI(c *gin.Context) {
sessionContainer := session.GetSessionFromRequestContext(c.Request.Context())
userID := sessionContainer.GetUserID()
// You can learn more about the `User` object over here https://github.com/supertokens/core-driver-interface/wiki
userInfo, err := thirdpartypasswordless.GetUserByID(userID)
if err != nil {
// TODO: Handle error
return
}
fmt.Println(userInfo)
//...
}
import (
"fmt"
"net/http"
"github.com/go-chi/chi"
"github.com/supertokens/supertokens-golang/recipe/session"
"github.com/supertokens/supertokens-golang/recipe/thirdpartypasswordless"
)
func main() {
r := chi.NewRouter()
r.Get("/getuserinfo", session.VerifySession(nil, getUserInfoAPI))
}
func getUserInfoAPI(w http.ResponseWriter, r *http.Request) {
sessionContainer := session.GetSessionFromRequestContext(r.Context())
userID := sessionContainer.GetUserID()
// You can learn more about the `User` object over here https://github.com/supertokens/core-driver-interface/wiki
userInfo, err := thirdpartypasswordless.GetUserByID(userID)
if err != nil {
// TODO: Handle error
return
}
fmt.Println(userInfo)
}
import (
"fmt"
"net/http"
"github.com/gorilla/mux"
"github.com/supertokens/supertokens-golang/recipe/session"
"github.com/supertokens/supertokens-golang/recipe/thirdpartypasswordless"
)
func main() {
router := mux.NewRouter()
router.HandleFunc("/getuserinfo", session.VerifySession(nil, getUserInfoAPI)).Methods(http.MethodGet)
}
func getUserInfoAPI(w http.ResponseWriter, r *http.Request) {
sessionContainer := session.GetSessionFromRequestContext(r.Context())
userID := sessionContainer.GetUserID()
// You can learn more about the `User` object over here https://github.com/supertokens/core-driver-interface/wiki
userInfo, err := thirdpartypasswordless.GetUserByID(userID)
if err != nil {
// TODO: Handle error
return
}
fmt.Println(userInfo)
}
- FastAPI
- Flask
- Django
from supertokens_python.recipe.session.framework.fastapi import verify_session
from supertokens_python.recipe.thirdpartypasswordless.asyncio import get_user_by_id
from supertokens_python.recipe.session import SessionContainer
from fastapi import FastAPI, Depends
app = FastAPI()
@app.post('/get_user_info_api')
async def get_user_info_api(session: SessionContainer = Depends(verify_session())):
user_id = session.get_user_id()
# You can learn more about the `User` object over here https://github.com/supertokens/core-driver-interface/wiki
_ = await get_user_by_id(user_id)
from supertokens_python.recipe.session.framework.flask import verify_session
from supertokens_python.recipe.thirdpartypasswordless.syncio import get_user_by_id
from flask import Flask, g
from supertokens_python.recipe.session import SessionContainer
app = Flask(__name__)
@app.route('/update-jwt', methods=['POST'])
@verify_session()
def get_user_info_api():
session: SessionContainer = g.supertokens
user_id = session.get_user_id()
# You can learn more about the `User` object over here https://github.com/supertokens/core-driver-interface/wiki
_ = get_user_by_id(user_id)
from supertokens_python.recipe.session.framework.django.asyncio import verify_session
from supertokens_python.recipe.thirdpartypasswordless.asyncio import get_user_by_id
from django.http import HttpRequest
from supertokens_python.recipe.session import SessionContainer
@verify_session()
async def get_user_info_api(request: HttpRequest):
session: SessionContainer = request.supertokens
user_id = session.get_user_id()
# You can learn more about the `User` object over here https://github.com/supertokens/core-driver-interface/wiki
_ = await get_user_by_id(user_id)
#
Using the user metadata recipeCheckout the user metadata recipe docs which shows you how to save and fetch any JSON object against the user's ID. You can use this to save information like the user's name (first_name
and last_name
) or any other field associated with the user.
#
Getting information from the user's sessionThe user's session contains their user ID and the session's payload. You can access this on the backend and frontend as well as whilst the user is online or offline.
More information about this can be found in the session docs.
#
Getting the user's third party provider information and access tokenIf the user used a third party provider to login, you can access their info via SuperTokens as shown below. You can then save the OAuthTokens in your own db or in SuperTokens (using the user metadata recipe) and use them to fetch / change info about the logged in user from the third party provider.
- NodeJS
- GoLang
- Python
- Other Frameworks
Important
import SuperTokens from "supertokens-node";
import ThirdPartyPasswordless from "supertokens-node/recipe/thirdpartypasswordless";
import Session from "supertokens-node/recipe/session";
SuperTokens.init({
appInfo: {
apiDomain: "...",
appName: "...",
websiteDomain: "..."
},
supertokens: {
connectionURI: "...",
},
recipeList: [
ThirdPartyPasswordless.init({
override: {
functions: (originalImplementation) => {
return {
...originalImplementation,
// override the thirdparty sign in / up API
thirdPartySignInUp: async function(input) {
// TODO: Some pre sign in / up logic
let response = await originalImplementation.thirdPartySignInUp(input);
if (response.status === "OK") {
// This is the response from the OAuth tokens provided by the third party provider
let accessToken = response.oAuthTokens["access_token"];
// other tokens like the refresh_token or id_token are also
// available in the oAuthTokens object.
// This gives the user's info as returned by the provider's user profile endpoint.
let firstName = response.rawUserInfoFromProvider.fromUserInfoAPI!["first_name"];
// This gives the user's info from the returned ID token
// if the provider gave us an ID token
let lastName = response.rawUserInfoFromProvider.fromUserInfoAPI!["last_name"];
}
return response;
}
}
}
}
}),
Session.init({ /* ... */ })
]
});
import (
"fmt"
"github.com/supertokens/supertokens-golang/recipe/thirdparty/tpmodels"
"github.com/supertokens/supertokens-golang/recipe/thirdpartypasswordless"
"github.com/supertokens/supertokens-golang/recipe/thirdpartypasswordless/tplmodels"
"github.com/supertokens/supertokens-golang/supertokens"
)
func main() {
supertokens.Init(supertokens.TypeInput{
RecipeList: []supertokens.Recipe{
thirdpartypasswordless.Init(tplmodels.TypeInput{
Override: &tplmodels.OverrideStruct{
Functions: func(originalImplementation tplmodels.RecipeInterface) tplmodels.RecipeInterface {
originalThirdPartySignInUp := *originalImplementation.ThirdPartySignInUp
// override the thirdparty sign in / up function
(*originalImplementation.ThirdPartySignInUp) = func(thirdPartyID, thirdPartyUserID, email string, oAuthTokens tpmodels.TypeOAuthTokens, rawUserInfoFromProvider tpmodels.TypeRawUserInfoFromProvider, tenantId string, userContext supertokens.UserContext) (tplmodels.ThirdPartySignInUp, error) {
resp, err := originalThirdPartySignInUp(thirdPartyID, thirdPartyUserID, email, oAuthTokens, rawUserInfoFromProvider, tenantId, userContext)
if err != nil {
return tplmodels.ThirdPartySignInUp{}, err
}
if resp.OK != nil {
user := resp.OK.User
fmt.Println(user)
// This is the response from the OAuth tokens provided by the third party provider
fmt.Println(resp.OK.OAuthTokens["access_token"])
// other tokens like the refresh_token or id_token are also
// available in the OAuthTokens object.
// This gives the user's info as returned by the provider's user profile endpoint.
fmt.Println(resp.OK.RawUserInfoFromProvider.FromUserInfoAPI["first_name"])
// This gives the user's info from the returned ID token
// if the provider gave us an ID token
fmt.Println(resp.OK.RawUserInfoFromProvider.FromIdTokenPayload["first_name"])
}
return resp, err
}
return originalImplementation
},
},
}),
},
})
}
from supertokens_python import init, InputAppInfo
from supertokens_python.types import GeneralErrorResponse
from supertokens_python.recipe import thirdpartypasswordless
from supertokens_python.recipe.thirdpartypasswordless.interfaces import APIInterface, ThirdPartyAPIOptions, ThirdPartySignInUpPostOkResult, ThirdPartySignInUpPostNoEmailGivenByProviderResponse
from typing import Optional, Union, Dict, Any
from supertokens_python.recipe.thirdparty.provider import Provider, RedirectUriInfo
def override_thirdpartypasswordless_apis(original_implementation: APIInterface):
original_thirdparty_sign_in_up_post = original_implementation.thirdparty_sign_in_up_post
async def thirdparty_sign_in_up_post(
provider: Provider,
redirect_uri_info: Optional[RedirectUriInfo],
oauth_tokens: Optional[Dict[str, Any]],
tenant_id: str,
api_options: ThirdPartyAPIOptions,
user_context: Dict[str, Any]
) -> Union[
ThirdPartySignInUpPostOkResult,
ThirdPartySignInUpPostNoEmailGivenByProviderResponse,
GeneralErrorResponse,
]:
# call the default behaviour as show below
result = await original_thirdparty_sign_in_up_post(provider, redirect_uri_info, oauth_tokens, tenant_id, api_options, user_context)
if isinstance(result, ThirdPartySignInUpPostOkResult):
print(result.user)
# This is the response from the OAuth tokens provided by the third party provider
print(result.oauth_tokens["access_token"])
# other tokens like the refresh_token or id_token are also
# available in the OAuthTokens object.
# This gives the user's info as returned by the provider's user profile endpoint.
if result.raw_user_info_from_provider.from_user_info_api is not None:
print(result.raw_user_info_from_provider.from_user_info_api["first_name"])
# This gives the user's info from the returned ID token
# if the provider gave us an ID token
if result.raw_user_info_from_provider.from_id_token_payload is not None:
print(result.raw_user_info_from_provider.from_id_token_payload["first_name"])
return result
original_implementation.thirdparty_sign_in_up_post = thirdparty_sign_in_up_post
return original_implementation
init(
app_info=InputAppInfo(api_domain="...", app_name="...", website_domain="..."),
framework='...',
recipe_list=[
thirdpartypasswordless.init(
flow_type="USER_INPUT_CODE",
override=thirdpartypasswordless.InputOverrideConfig(
apis=override_thirdpartypasswordless_apis
)
)
]
)