supertokens
diff --git a/‎CHANGELOG.md‎
Lines changed: 9 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎recipe/dashboard/api/analyticsPOST.go‎
Lines changed: 6 additions & 1 deletion b/‎recipe/dashboard/api/analyticsPOST.go‎
Lines changed: 6 additions & 1 deletion
diff --git a/‎recipe/dashboard/recipe.go‎
Lines changed: 1 addition & 1 deletion b/‎recipe/dashboard/recipe.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎recipe/emailpassword/api/implementation.go‎
Lines changed: 3 additions & 1 deletion b/‎recipe/emailpassword/api/implementation.go‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎recipe/emailpassword/api/utils.go‎
Lines changed: 8 additions & 3 deletions b/‎recipe/emailpassword/api/utils.go‎
Lines changed: 8 additions & 3 deletions
diff --git a/‎recipe/emailpassword/main.go‎
Lines changed: 14 additions & 6 deletions b/‎recipe/emailpassword/main.go‎
Lines changed: 14 additions & 6 deletions
diff --git a/‎recipe/emailpassword/passwordReset_test.go‎
Lines changed: 103 additions & 0 deletions b/‎recipe/emailpassword/passwordReset_test.go‎
Lines changed: 103 additions & 0 deletions
diff --git a/‎recipe/emailpassword/recipe.go‎
Lines changed: 1 addition & 1 deletion b/‎recipe/emailpassword/recipe.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎recipe/emailverification/api/implementation.go‎
Lines changed: 8 additions & 1 deletion b/‎recipe/emailverification/api/implementation.go‎
Lines changed: 8 additions & 1 deletion
diff --git a/‎recipe/emailverification/api/utils.go‎
Lines changed: 8 additions & 3 deletions b/‎recipe/emailverification/api/utils.go‎
Lines changed: 8 additions & 3 deletions
@@ -7,6 +7,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+
+## [0.17.1] - 2023-11-24
+
+### Added
+
+-   Adds support for configuring multiple frontend domains to be used with the same backend
+-   Added new `Origin` and `GetOrigin` properties to `AppInfo`, this can be configured to allow you to conditionally return the value of the frontend domain. This property will replace `WebsiteDomain` in a future release of `supertokens-golang`
+-   `WebsiteDomain` inside `AppInfo` is now optional. Using `Origin` or `GetOrigin` is recommended over using `WebsiteDomain`. This is not a breaking change and using `WebsiteDomain` will continue to work.
+
 ## [0.17.0] - 2023-11-14
 
 ### Breaking change
 
@@ -61,8 +61,13 @@ func AnalyticsPost(apiInterface dashboardmodels.APIInterface, tenantId string, o
 		}
 	}
 
+	websiteDomain, err := supertokensInstance.AppInfo.GetOrigin(nil, &map[string]interface{}{})
+	if err != nil {
+		return analyticsPostResponse{}, err
+	}
+
 	data := map[string]interface{}{
-		"websiteDomain":    supertokensInstance.AppInfo.WebsiteDomain.GetAsStringDangerous(),
+		"websiteDomain":    websiteDomain.GetAsStringDangerous(),
 		"apiDomain":        supertokensInstance.AppInfo.APIDomain.GetAsStringDangerous(),
 		"appName":          supertokensInstance.AppInfo.AppName,
 		"sdk":              "golang",
 
@@ -350,7 +350,7 @@ func (r *Recipe) getAllCORSHeaders() []string {
 	return []string{}
 }
 
-func (r *Recipe) handleError(err error, req *http.Request, res http.ResponseWriter) (bool, error) {
+func (r *Recipe) handleError(err error, req *http.Request, res http.ResponseWriter, userContext supertokens.UserContext) (bool, error) {
 	return false, nil
 }
 
 
@@ -66,11 +66,13 @@ func MakeAPIImplementation() epmodels.APIInterface {
 			}, nil
 		}
 
-		passwordResetLink := GetPasswordResetLink(
+		passwordResetLink, err := GetPasswordResetLink(
 			options.AppInfo,
 			options.RecipeID,
 			response.OK.Token,
 			tenantId,
+			options.Req,
+			userContext,
 		)
 
 		if err != nil {
 
@@ -18,6 +18,7 @@ package api
 import (
 	"encoding/json"
 	"fmt"
+	"net/http"
 	"strings"
 
 	"github.com/supertokens/supertokens-golang/recipe/emailpassword/epmodels"
@@ -125,13 +126,17 @@ func validateFormOrThrowError(configFormFields []epmodels.NormalisedFormField, i
 	return nil
 }
 
-func GetPasswordResetLink(appInfo supertokens.NormalisedAppinfo, recipeID string, token string, tenantId string) string {
+func GetPasswordResetLink(appInfo supertokens.NormalisedAppinfo, recipeID string, token string, tenantId string, request *http.Request, userContext supertokens.UserContext) (string, error) {
+	websiteDomain, err := appInfo.GetOrigin(request, userContext)
+	if err != nil {
+		return "", err
+	}
 	return fmt.Sprintf(
 		"%s%s/reset-password?token=%s&rid=%s&tenantId=%s",
-		appInfo.WebsiteDomain.GetAsStringDangerous(),
+		websiteDomain.GetAsStringDangerous(),
 		appInfo.WebsiteBasePath.GetAsStringDangerous(),
 		token,
 		recipeID,
 		tenantId,
-	)
+	), nil
 }
@@ -138,14 +138,22 @@ func CreateResetPasswordLink(tenantId string, userID string, userContext ...supe
 		return epmodels.CreateResetPasswordLinkResponse{}, err
 	}
 
+	link, err := api.GetPasswordResetLink(
+		instance.RecipeModule.GetAppInfo(),
+		instance.RecipeModule.GetRecipeID(),
+		tokenResponse.OK.Token,
+		tenantId,
+		supertokens.GetRequestFromUserContext(userContext[0]),
+		userContext[0],
+	)
+
+	if err != nil {
+		return epmodels.CreateResetPasswordLinkResponse{}, err
+	}
+
 	return epmodels.CreateResetPasswordLinkResponse{
 		OK: &struct{ Link string }{
-			Link: api.GetPasswordResetLink(
-				instance.RecipeModule.GetAppInfo(),
-				instance.RecipeModule.GetRecipeID(),
-				tokenResponse.OK.Token,
-				tenantId,
-			),
+			Link: link,
 		},
 	}, nil
 }
 
@@ -455,3 +455,106 @@ func TestValidTokenInputAndPasswordHasChanged(t *testing.T) {
 	assert.Equal(t, userInfo["id"], result3["user"].(map[string]interface{})["id"].(string))
 	assert.Equal(t, userInfo["email"], result3["user"].(map[string]interface{})["email"].(string))
 }
+
+func TestPasswordResetLinkUsesOriginFunctionIfProvided(t *testing.T) {
+	resetURL := ""
+	tokenInfo := ""
+	ridInfo := ""
+	sendEmailFunc := func(input emaildelivery.EmailType, userContext supertokens.UserContext) error {
+		u, err := url.Parse(input.PasswordReset.PasswordResetLink)
+		if err != nil {
+			return err
+		}
+		resetURL = u.Scheme + "://" + u.Host + u.Path
+		tokenInfo = u.Query().Get("token")
+		ridInfo = u.Query().Get("rid")
+		return nil
+	}
+	configValue := supertokens.TypeInput{
+		Supertokens: &supertokens.ConnectionInfo{
+			ConnectionURI: "http://localhost:8080",
+		},
+		AppInfo: supertokens.AppInfo{
+			APIDomain: "api.supertokens.io",
+			AppName:   "SuperTokens",
+			GetOrigin: func(request *http.Request, userContext supertokens.UserContext) (string, error) {
+				// read request body
+				decoder := json.NewDecoder(request.Body)
+				var requestBody map[string]interface{}
+				err := decoder.Decode(&requestBody)
+				if err != nil {
+					return "https://supertokens.com", nil
+				}
+				if requestBody["origin"] == nil {
+					return "https://supertokens.com", nil
+				}
+				return requestBody["origin"].(string), nil
+			},
+		},
+		RecipeList: []supertokens.Recipe{
+			Init(&epmodels.TypeInput{
+				EmailDelivery: &emaildelivery.TypeInput{
+					Service: &emaildelivery.EmailDeliveryInterface{
+						SendEmail: &sendEmailFunc,
+					},
+				},
+			}),
+			session.Init(nil),
+		},
+	}
+
+	BeforeEach()
+	unittesting.StartUpST("localhost", "8080")
+	defer AfterEach()
+	err := supertokens.Init(configValue)
+	if err != nil {
+		t.Error(err.Error())
+	}
+	mux := http.NewServeMux()
+	testServer := httptest.NewServer(supertokens.Middleware(mux))
+	defer testServer.Close()
+
+	res, err := unittesting.SignupRequest("random@gmail.com", "validpass123", testServer.URL)
+	if err != nil {
+		t.Error(err.Error())
+	}
+	assert.NoError(t, err)
+	dataInBytes, err := io.ReadAll(res.Body)
+	if err != nil {
+		t.Error(err.Error())
+	}
+	res.Body.Close()
+	var result map[string]interface{}
+	err = json.Unmarshal(dataInBytes, &result)
+	if err != nil {
+		t.Error(err.Error())
+	}
+	assert.Equal(t, 200, res.StatusCode)
+	assert.Equal(t, "OK", result["status"])
+
+	formFields := map[string]interface{}{
+		"origin": "localhost:2000",
+		"formFields": []map[string]interface{}{{
+			"id":    "email",
+			"value": "random@gmail.com",
+		}},
+	}
+
+	postBody, err := json.Marshal(formFields)
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	resp, err := http.Post(testServer.URL+"/auth/user/password/reset/token", "application/json", bytes.NewBuffer(postBody))
+
+	if err != nil {
+		t.Error(err.Error())
+	}
+
+	assert.NoError(t, err)
+
+	assert.Equal(t, 200, resp.StatusCode)
+	assert.Equal(t, "http://localhost:2000/auth/reset-password", resetURL)
+	assert.NotEmpty(t, tokenInfo)
+	assert.True(t, strings.HasPrefix(ridInfo, "emailpassword"))
+}
@@ -181,7 +181,7 @@ func (r *Recipe) getAllCORSHeaders() []string {
 	return []string{}
 }
 
-func (r *Recipe) handleError(err error, req *http.Request, res http.ResponseWriter) (bool, error) {
+func (r *Recipe) handleError(err error, req *http.Request, res http.ResponseWriter, userContext supertokens.UserContext) (bool, error) {
 	if defaultErrors.As(err, &errors.FieldError{}) {
 		errs := err.(errors.FieldError)
 		return true, supertokens.Send200Response(res, map[string]interface{}{
 
@@ -122,13 +122,20 @@ func MakeAPIImplementation() evmodels.APIInterface {
 			ID:    userID,
 			Email: email.OK.Email,
 		}
-		emailVerificationURL := GetEmailVerifyLink(
+
+		emailVerificationURL, err := GetEmailVerifyLink(
 			options.AppInfo,
 			response.OK.Token,
 			options.RecipeID,
 			sessionContainer.GetTenantIdWithContext(userContext),
+			options.Req,
+			userContext,
 		)
 
+		if err != nil {
+			return evmodels.GenerateEmailVerifyTokenPOSTResponse{}, err
+		}
+
 		supertokens.LogDebugMessage(fmt.Sprintf("Sending email verification email to %s", email.OK.Email))
 		err = (*options.EmailDelivery.IngredientInterfaceImpl.SendEmail)(emaildelivery.EmailType{
 			EmailVerification: &emaildelivery.EmailVerificationType{
 
@@ -2,17 +2,22 @@ package api
 
 import (
 	"fmt"
+	"net/http"
 
 	"github.com/supertokens/supertokens-golang/supertokens"
 )
 
-func GetEmailVerifyLink(appInfo supertokens.NormalisedAppinfo, token string, recipeID string, tenantId string) string {
+func GetEmailVerifyLink(appInfo supertokens.NormalisedAppinfo, token string, recipeID string, tenantId string, request *http.Request, userContext supertokens.UserContext) (string, error) {
+	websiteDomain, err := appInfo.GetOrigin(request, userContext)
+	if err != nil {
+		return "", err
+	}
 	return fmt.Sprintf(
 		"%s%s/verify-email?token=%s&rid=%s&tenantId=%s",
-		appInfo.WebsiteDomain.GetAsStringDangerous(),
+		websiteDomain.GetAsStringDangerous(),
 		appInfo.WebsiteBasePath.GetAsStringDangerous(),
 		token,
 		recipeID,
 		tenantId,
-	)
+	), nil
 }
Original file line number	Diff line number	Diff line change
`@@ -61,8 +61,13 @@ func AnalyticsPost(apiInterface dashboardmodels.APIInterface, tenantId string, o`
`61`	`61`	`}`
`62`	`62`	`}`
`63`	`63`
	`64`	`+ websiteDomain, err := supertokensInstance.AppInfo.GetOrigin(nil, &map[string]interface{}{})`
	`65`	`+ if err != nil {`
	`66`	`+ return analyticsPostResponse{}, err`
	`67`	`+ }`
	`68`	`+`
`64`	`69`	`data := map[string]interface{}{`
`65`		`- "websiteDomain": supertokensInstance.AppInfo.WebsiteDomain.GetAsStringDangerous(),`
	`70`	`+ "websiteDomain": websiteDomain.GetAsStringDangerous(),`
`66`	`71`	`"apiDomain": supertokensInstance.AppInfo.APIDomain.GetAsStringDangerous(),`
`67`	`72`	`"appName": supertokensInstance.AppInfo.AppName,`
`68`	`73`	`"sdk": "golang",`
Original file line number	Diff line number	Diff line change
`@@ -350,7 +350,7 @@ func (r *Recipe) getAllCORSHeaders() []string {`
`350`	`350`	`return []string{}`
`351`	`351`	`}`
`352`	`352`
`353`		`-func (r Recipe) handleError(err error, req http.Request, res http.ResponseWriter) (bool, error) {`
	`353`	`+func (r Recipe) handleError(err error, req http.Request, res http.ResponseWriter, userContext supertokens.UserContext) (bool, error) {`
`354`	`354`	`return false, nil`
`355`	`355`	`}`
`356`	`356`
Original file line number	Diff line number	Diff line change
`@@ -66,11 +66,13 @@ func MakeAPIImplementation() epmodels.APIInterface {`
`66`	`66`	`}, nil`
`67`	`67`	`}`
`68`	`68`
`69`		`- passwordResetLink := GetPasswordResetLink(`
	`69`	`+ passwordResetLink, err := GetPasswordResetLink(`
`70`	`70`	`options.AppInfo,`
`71`	`71`	`options.RecipeID,`
`72`	`72`	`response.OK.Token,`
`73`	`73`	`tenantId,`
	`74`	`+ options.Req,`
	`75`	`+ userContext,`
`74`	`76`	`)`
`75`	`77`
`76`	`78`	`if err != nil {`
Original file line number	Diff line number	Diff line change
`@@ -181,7 +181,7 @@ func (r *Recipe) getAllCORSHeaders() []string {`
`181`	`181`	`return []string{}`
`182`	`182`	`}`
`183`	`183`
`184`		`-func (r Recipe) handleError(err error, req http.Request, res http.ResponseWriter) (bool, error) {`
	`184`	`+func (r Recipe) handleError(err error, req http.Request, res http.ResponseWriter, userContext supertokens.UserContext) (bool, error) {`
`185`	`185`	`if defaultErrors.As(err, &errors.FieldError{}) {`
`186`	`186`	`errs := err.(errors.FieldError)`
`187`	`187`	`return true, supertokens.Send200Response(res, map[string]interface{}{`