safeGetSession() useless with getClaims() ?
Hi there!
I'm currently following this guide and this video to use the new JWT Signing Keys. But since they verify the signature locally or else from Supabase's servers, safeGetSession() that calls getUser() (so from Supabase's servers) is basically useless, no? And same with getSession, it's pretty much useless, no?
2 Replies
Depends on what functionality you need where.
getClaims, when using the new jwt signing keys, doesn't verify certain things that getUser would - like if a user is banned, has been logged out globally, etc. There are a couple other examples that I can't think of off the top of my head right now.
Otherwise, I'd say yes it replaces the others in an indirect way (i.e. returns jwt claims, not a Session, etc)
Thanks a lot!