Reset password trouble
Am using supabase through Netlify and my frontend sends an api call to backend to reset password. The email and link is OK, it arrives and authorizes the session and redirects to the new pw form. I then grab the access token like this:
const hashParams = new URLSearchParams(window.location.hash.substring(1))
const accessToken = hashParams.get('access_token')
and now the problem begins.. i need to initiate a client but i don't want to expose my link and anon key in the front-end. is there no way i can pass this access token to the backend and update the new password there?
Please help! Ty!
2 Replies
There is a lot of detail missing here. Generally you don't need to do any of the handling of the access token from the hash or anything like that if your app is a frontend app. If you are handling everything on the backend then you should be using the
@supabase/ssr client.i use netlify serverless functions for all other operations so i don't expose tokens on the frontend.. using cookies.. but the supabase resetpassword sends a link with access token anyway. is there a better way of doing it? i have no idea what is ssr and if i can use it on netlify