Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

autoRefreshToken on does supabase client does not work #563

Closed
uze opened this issue Dec 10, 2022 · 9 comments
Closed

autoRefreshToken on does supabase client does not work #563

uze opened this issue Dec 10, 2022 · 9 comments
Labels
bug Something isn't working

Comments

@uze
Copy link

uze commented Dec 10, 2022

Bug report

autoRefreshToken does not refresh users access_token / JWT when it expires.

const createSupabaseClient = () =>
  createClient(supabaseUrl, supabaseAnonKey, {
    auth: {
      autoRefreshToken: true,
    },
  });

Describe the bug

I'm currently working on a react native application and I sometimes keep it open for long period on one screen, but whenever I click to a new screen and a request is made to supabase I get a 401 from the request along with "JWT Expired" message. How should I properly handle the JWT for long app sessions where people typically dont log in / out all the time.

To Reproduce

  1. Set JWT expiry limit to 60s.

  2. Start user session and make a supabase call where the users access_token is needed. For example:

      const user = await supabase.auth.getUser(access_token);
  1. Wait 60s and make that call again. You will get this error:
error: AuthApiError: invalid JWT: unable to parse or verify signature, token is expired by TIME

Expected behavior

When making another call the autoRefreshToken should automatically refresh the token if it is invalid.

System information

  • OS: [macOS]
  • Version of supabase-js: [v2.1.0]
  • Version of Node.js: [v16.13.0]
  • Version of React Native : [v0.70.5]

Additional context

Related issue:
@uze uze added the bug Something isn't working label Dec 10, 2022
@uze
Copy link
Author

uze commented Dec 10, 2022

I'm hoping to utilize onAuthStateChange as a workaround where:

supabase.auth.onAuthStateChange((event, session) => {
  if (event == 'TOKEN_REFRESHED') {
      // Set refresh token & access token here to be used in future API calls when autoRefreshToken is fired
  }
})

@GaryAustin1
Copy link

GaryAustin1 commented Dec 10, 2022
edited
Loading

You need local storage support for refresh token to work... pretty sure.
https://supabase.com/docs/reference/javascript/initializing#react-native-options

@uze
Copy link
Author

uze commented Dec 11, 2022

@GaryAustin1

My supabase.ts file looks like this:

import { createClient } from '@supabase/supabase-js';
import AsyncStorage from '@react-native-async-storage/async-storage';

const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL as string;
const supabaseAnonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY as string;

export const createSupabaseClient = () =>
  createClient(supabaseUrl, supabaseAnonKey, {
    auth: {
      storage: AsyncStorage,
      autoRefreshToken: true,
      persistSession: true,
      detectSessionInUrl: false,
    },
  });

But when I add the storage: AsyncStorage line I get a ReferenceError: window is not defined error.

@uze uze mentioned this issue Dec 11, 2022
Closed
@saltcod saltcod transferred this issue from supabase/supabase Dec 20, 2022
@hf
Copy link
Contributor

hf commented Dec 30, 2022

@uze Can you send us a log / trace of the ReferenceError you mention?

@hf
Copy link
Contributor

hf commented Mar 1, 2023

@uze Is this still relevant?

@hf
Copy link
Contributor

hf commented Mar 1, 2023

Duplicate of #620

@hf hf marked this as a duplicate of #620 Mar 1, 2023
@hf hf closed this as completed Mar 1, 2023
@julian-hecker
Copy link

I am also having the issue with AsyncStorage. I can create a supabase client in expo just fine, but sessions aren't stored. As soon as I add storage: AsyncStorage, running the project gives ReferenceError: window is not defined.

@dongnez
Copy link

dongnez commented Nov 2, 2023

This issue still valid for me:

export const supabase_c = createClient(SUPABASE_PROJECT_URL, SUPABASE_KEY, {
  auth: {
    storage: new LargeSecureStore(),
    autoRefreshToken: true,
    persistSession: true,
    detectSessionInUrl: false,
  },
});

//Also I tried:
supabase_c.auth.refreshSession().then((res)=>{
            console.log("REFRESH SESSION",res)
        }).catch((error)=>{
            console.log("ERROR REFRESH SESSION",error)
        })

Nothing is working. AutoRefreshToken:true not work, neither refreshSession().

My "solution" right now is set the token to 5 days and logout the user by that time

@elliott44k
Copy link

This issue still valid for me:

export const supabase_c = createClient(SUPABASE_PROJECT_URL, SUPABASE_KEY, {
  auth: {
    storage: new LargeSecureStore(),
    autoRefreshToken: true,
    persistSession: true,
    detectSessionInUrl: false,
  },
});

//Also I tried:
supabase_c.auth.refreshSession().then((res)=>{
            console.log("REFRESH SESSION",res)
        }).catch((error)=>{
            console.log("ERROR REFRESH SESSION",error)
        })

Nothing is working. AutoRefreshToken:true not work, neither refreshSession().

My "solution" right now is set the token to 5 days and logout the user by that time

Have you tried using supabase.auth.startAutoRefresh()?
Docs

I'm reading through the docs as I organize tools ahead of the start of my project, and this is something I noticed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@hf @elliott44k @uze @julian-hecker @GaryAustin1 @dongnez