How to get session from a SSR application?

miguel.e · 2022-09-22T15:52:48.231Z

Maybe I'm missing something, but this feels like a bug. I have a Remix project and from the advice on Github, I created a SupabaseClient per route request by passing the users accessToken to `global.headers` With this configuration, unfortunately, I'm unable to get session or user. Is this expected? More details in the issue I reported: https://github.com/supabase/gotrue-js/issues/450 P.S. Too many auth issues with supabase... It's a bit concerning. Hopefully this is an oversight on my end

G

garyaustin•9/22/22, 4:12 PM

Seems dropping setAuth keeps leading to issues.
But it is not clear setAuth did before what you think anyway.
All it was documented to do was

Overrides the JWT on the current client. The JWT will then be sent in all subsequent network requests.

Overrides the JWT on the current client. The JWT will then be sent in all subsequent network requests.

Overrides the JWT on the current client. The JWT will then be sent in all subsequent network requests.

Overrides the JWT on the current client. The JWT will then be sent in all subsequent network requests.

 /**
   * Overrides the JWT on the current client. The JWT will then be sent in all subsequent network requests.
   * @param access_token a jwt access token
   */
  setAuth(access_token: string): Session {
    this.currentSession = {
      ...this.currentSession,
      access_token,
      token_type: 'bearer',
      user: this.user(),
    }

    this._notifyAllSubscribers('TOKEN_REFRESHED')

    return this.currentSession
  }

 /**
   * Overrides the JWT on the current client. The JWT will then be sent in all subsequent network requests.
   * @param access_token a jwt access token
   */
  setAuth(access_token: string): Session {
    this.currentSession = {
      ...this.currentSession,
      access_token,
      token_type: 'bearer',
      user: this.user(),
    }

    this._notifyAllSubscribers('TOKEN_REFRESHED')

    return this.currentSession
  }

 /**
   * Overrides the JWT on the current client. The JWT will then be sent in all subsequent network requests.
   * @param access_token a jwt access token
   */
  setAuth(access_token: string): Session {
    this.currentSession = {
      ...this.currentSession,
      access_token,
      token_type: 'bearer',
      user: this.user(),
    }

    this._notifyAllSubscribers('TOKEN_REFRESHED')

    return this.currentSession
  }

 /**
   * Overrides the JWT on the current client. The JWT will then be sent in all subsequent network requests.
   * @param access_token a jwt access token
   */
  setAuth(access_token: string): Session {
    this.currentSession = {
      ...this.currentSession,
      access_token,
      token_type: 'bearer',
      user: this.user(),
    }

    this._notifyAllSubscribers('TOKEN_REFRESHED')

    return this.currentSession
  }

Although it does/did update the session variable with the jwt, it does not actually change the user object. this.user() would still be what ever user info was there before if any.... IF I READ IT CORRECTLY.
But posting your issue and linking to the setAuth discussion hopefully brings more focus on the impact of the change.

M

miguel.eOP•9/22/22, 4:18 PM

you're right, it was just an inline change to access token.

What I had to do to get a user was to call

supabase.auth.api.getUser(session.get('access_token'))

supabase.auth.api.getUser(session.get('access_token'))

supabase.auth.api.getUser(session.get('access_token'))

supabase.auth.api.getUser(session.get('access_token'))

supabase.auth.api

supabase.auth.api

supabase.auth.api

supabase.auth.api was removed in v2. I presumed in favor of

supabase.auth.getUser

supabase.auth.getUser

supabase.auth.getUser

supabase.auth.getUser. But of course getUser does not work.

--

M

miguel.eOP•9/22/22, 4:19 PM

Hopefully we'll get some eyes on this, but I decided to downgrade back to v1 and make sure a SupabaseClient is created per route request

M

miguel.eOP•9/22/22, 4:21 PM

That at least was clear to me. I originally had a Remix setup with a global supabase client, but since it's reused across multiple request it didn't make sense. Now I've made it so each request handles it's own supabase client

How to get session from a SSR application?

Similar Threads

Similar Threads

Similar Threads