Vercel serverless Node.js API (NOT Next.js) can't auth user with Supabase
supabase-js version: 2.0.4
using Vite (not create-react-app) if that makes a difference.
I'm trying to build an API using Vercel serverless functions (NOT a Next.js API). I can't seem to be able to retrieve the user object from within the API handler. I'm not sure what I'm doing wrong and I see no meaningful error message in the returned error object or the Supabase log. This is the error object:
The Supabase event that appears to be raised by the call (what is
And the code in the API handler:
user is null and user.error contains the information pasted above.
I have no problem with auth in a Next.js API using createServerSupabaseClient from the auth-helpers-nextjs package.
Looking at the cookies, after authentication in the browser a cookie containing a JWT gets set in local storage. But the browser does not send that cookie along when requesting the API endpoint. The request headers do not contain the cookie. So I guess the API handler can't verify the user since there is nothing to verify.
I have no idea what's going on. Is this a bug or am I missing something obvious?
using Vite (not create-react-app) if that makes a difference.
I'm trying to build an API using Vercel serverless functions (NOT a Next.js API). I can't seem to be able to retrieve the user object from within the API handler. I'm not sure what I'm doing wrong and I see no meaningful error message in the returned error object or the Supabase log. This is the error object:
The Supabase event that appears to be raised by the call (what is
invalid claim: subject missingAnd the code in the API handler:
user is null and user.error contains the information pasted above.
I have no problem with auth in a Next.js API using createServerSupabaseClient from the auth-helpers-nextjs package.
Looking at the cookies, after authentication in the browser a cookie containing a JWT gets set in local storage. But the browser does not send that cookie along when requesting the API endpoint. The request headers do not contain the cookie. So I guess the API handler can't verify the user since there is nothing to verify.
I have no idea what's going on. Is this a bug or am I missing something obvious?
