Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

don't send expired JWTs #403

Closed
awalias opened this issue Jun 7, 2021 · 8 comments
Closed

don't send expired JWTs #403

awalias opened this issue Jun 7, 2021 · 8 comments
Assignees
Labels
bug Something isn't working

Comments

@awalias
Copy link
Member

awalias commented Jun 7, 2021

We might want to verify the JWT expiry date locally before sending to the server to query for data, then if there's a refresh_token stored locally we might be able to refresh it before making the request, or otherwise triggering a listenable event on the client

related: supabase/supabase#889
related: #620

@velocity23
Copy link

First-time contributor here, I'd be happy to take a look at this if it's up for grabs

@velocity23
Copy link

Having a look now, thinking of putting the checks in SupabaseClient in the _getAuthHeaders method as a starting point to check on client initialization then opening PRs to the GoTrue, PostgREST, Realtime, and Storage clients to check per request. Would that work @awalias?

@gitbugr
Copy link

gitbugr commented Dec 4, 2021

+1 for this. During development I've noticed some issues where if the Chrome engine is inactive for a little bit (say, your comp was on standby) but the tab is still open, I can only assume my JWT will have expired, as I can't query rows. After a little bit, it "fixes" itself, but this is a little annoying to handle as it should be handled as part of the library.

@vbylen
Copy link

vbylen commented Jun 25, 2022

It's beyond annoying to always be logged out of supabase apps, including the supabase dashboard.

@PH4NTOMiki
Copy link

Yeah, second this

@vbylen
Copy link

vbylen commented Aug 16, 2022

I think this is fixed now with v2. Congratulations supabase team 👏

@monicakh monicakh transferred this issue from supabase/supabase-js Aug 18, 2022
@cohlar
Copy link

cohlar commented Dec 17, 2022

I am still experiencing this issue with "@supabase/supabase-js": "^2.1.4" - I have only tried locally with "supabase": "^1.24.0", not in production.

@hf
Copy link
Contributor

hf commented Dec 30, 2022

If not fixed, with v2 there should be better behavior. We're not seeing problems on app.supabase.com or many other projects.

With supabase/postgrest-js#335 this should become even better. I'll close the issue now, do continue to comment if you have any further issues.

@cohlar Would you mind using the very latest v2 of the library. Do have in mind that if you're doing server side rendering there can be some confusing behavior that looks like this issue.

@hf hf closed this as completed Dec 30, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

Successfully merging a pull request may close this issue.

7 participants