GitHub user dosubot[bot] added a comment to the discussion: localStorage misses last_async_event_id
<!-- Answer --> Now I see what's happening! The logs show the channel ID changing (`605caed7...` → `07902a86...`) between consecutive requests, which confirms the async-token JWT cookie is being **regenerated** on each request. Your `before_request` code itself isn't the issue - it's what happens in the **after-request handler** ([`validate_session()`](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset/async_events/async_query_manager.py#L164-L195)) that's creating new tokens. The [reset_token condition](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset/async_events/async_query_manager.py#L167-L172) triggers when: ```python reset_token = ( not request.cookies.get(self._jwt_cookie_name) # ← THIS IS LIKELY YOUR ISSUE or "async_channel_id" not in session or "async_user_id" not in session or user_id != session["async_user_id"] ) ``` Since `async_channel_id` and `async_user_id` are in your session (you showed that in the logs), the most likely cause is **`request.cookies.get("async-token")` returning None** - meaning the browser isn't sending the cookie back. **Yes, you can use the session's `async_channel_id` to create a stable token!** Here's how: Instead of letting the system regenerate, you could modify `validate_session()` or add your own after-request handler that: 1. Checks if `async_channel_id` exists in session 2. Uses that existing channel_id (instead of generating a new UUID) when creating the JWT 3. Ensures the cookie is set with correct attributes Or simpler - figure out why the async-token cookie isn't being sent back. Check: - Browser DevTools → Application → Cookies: Is `async-token` present after a response? - Browser DevTools → Network → Request Headers: Is `Cookie: async-token=...` being sent? - Cookie attributes: Domain, Path, SameSite, Secure flags matching your setup The fact that [`parse_channel_id_from_request()`](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset/async_events/async_query_manager.py#L197-L206) reads **only from the JWT cookie** (not from session) explains why each poll gets a different channel - each request is getting a freshly minted token with a new UUID. <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/c79e638f-89f1-48db-aeb2-8ec0a66534bd?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/c79e638f-89f1-48db-aeb2-8ec0a66534bd?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/c79e638f-89f1-48db-aeb2-8ec0a66534bd?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/c79e638f-89f1-48db-aeb2-8ec0a66534bd?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/c79e638f-89f1-48db-aeb2-8ec0a66534bd?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/c79e638f-89f1-48db-aeb2-8ec0a66534bd?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/c79e638f-89f1-48db-aeb2-8ec0a66534bd?feedback_type=other)</sup> [](https://app.dosu.dev/a28d3c7e-a9d3-459e-9fb6-3a6f9ff4f357/ask?utm_source=github) [](https://cursor.com/link/prompt?text=Now%20I%20see%20what%27s%20happening%21%20The%20logs%20show%20the%20channel%20ID%20changing%20%28%60605caed7...%60%20%E2%86%92%20%6007902a86...%60%29%20between%20consecutive%20requests%2C%20which%20confirms%20the%20async-token%20JWT%20cookie%20is%20being%20%2A%2Aregenerated%2A%2A%20on%20each%20request.%0A%0AYour%20%60before_request%60%20code%20itself%20isn%27t%20the%20issue%20-%20it%27s%20what%20happens%20in%20the%20%2A%2Aafter-request%20handler%2A%2A%20%28%5B%60validate_session%28%29%60%5D%28https%3A//github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset/async_events/async_query_manager.py%23L164-L195%29%29%20that%27s%20creating%20new%20tokens.%0A%0AThe%20%5Breset_token%20condition%5D%28https%3A//github.com/apache/superset /blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset/async_events/async_query_manager.py%23L167-L172%29%20triggers%20when%3A%0A%60%60%60python%0Areset_token%20%3D%20%28%0A%20%20%20%20not%20request.cookies.get%28self._jwt_cookie_name%29%20%20%23%20%E2%86%90%20THIS%20IS%20LIKELY%20YOUR%20ISSUE%0A%20%20%20%20or%20%22async_channel_id%22%20not%20in%20session%0A%20%20%20%20or%20%22async_user_id%22%20not%20in%20session%0A%20%20%20%20or%20user_id%20%21%3D%20session%5B%22async_user_id%22%5D%0A%29%0A%60%60%60%0A%0ASince%20%60async_channel_id%60%20and%20%60async_user_id%60%20are%20in%20your%20session%20%28you%20showed%20that%20in%20the%20logs%29%2C%20the%20most%20likely%20cause%20is%20%2A%2A%60request.cookies.get%28%22async-token%22%29%60%20returning%20None%2A%2A%20-%20meaning%20the%20browser%20isn%27t%20sending%20the%20cookie%20back.%0A%0A%2A%2AYes%2C%20you%20can%20use%20the%20session%27s%20%60async_channel_id%60%20to%20create%20a%20stable%20token%21%2A%2A%20Here%27s%20how%3A%0A%0AInstead% 20of%20letting%20the%20system%20regenerate%2C%20you%20could%20modify%20%60validate_session%28%29%60%20or%20add%20your%20own%20after-request%20handler%20that%3A%0A1.%20Checks%20if%20%60async_channel_id%60%20exists%20in%20session%0A2.%20Uses%20that%20existing%20channel_id%20%28instead%20of%20generating%20a%20new%20UUID%29%20when%20creating%20the%20JWT%0A3.%20Ensures%20the%20cookie%20is%20set%20with%20correct%20attributes%0A%0AOr%20simpler%20-%20figure%20out%20why%20the%20async-token%20cookie%20isn%27t%20being%20sent%20back.%20Check%3A%0A-%20Browser%20DevTools%20%E2%86%92%20Application%20%E2%86%92%20Cookies%3A%20Is%20%60async-token%60%20present%20after%20a%20response%3F%0A-%20Browser%20DevTools%20%E2%86%92%20Network%20%E2%86%92%20Request%20Headers%3A%20Is%20%60Cookie%3A%20async-token%3D...%60%20being%20sent%3F%0A-%20Cookie%20attributes%3A%20Domain%2C%20Path%2C%20SameSite%2C%20Secure%20flags%20matching%20your%20setup%0A%0AThe%20fact%20that%20%5B%60parse_channel_id_from_request%28%29%60% 5D%28https%3A//github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset/async_events/async_query_manager.py%23L197-L206%29%20reads%20%2A%2Aonly%20from%20the%20JWT%20cookie%2A%2A%20%28not%20from%20session%29%20explains%20why%20each%20poll%20gets%20a%20different%20channel%20-%20each%20request%20is%20getting%20a%20freshly%20minted%20token%20with%20a%20new%20UUID.) [](https://go.dosu.dev/discord-bot) [](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/superset/discussions/38303) GitHub link: https://github.com/apache/superset/discussions/38303#discussioncomment-15954736 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
