Error: Cannot use cookies.set(...) after the response has been generated

[radiorambo]

Getting this error. Not every time I run npm run dev at random times but enough times to report issue.

/pathtoproject/node_modules/wrangler/wrangler-dist/cli.js:29573
            throw a;
            ^

Error: Cannot use `cookies.set(...)` after the response has been generated
    at event.cookies.set (/pathtoproject/node_modules/@sveltejs/kit/src/runtime/server/respond.js:553:11)
    at SvelteKitServerAuthStorageAdapter.setCookie (file:///pathtoproject/node_modules/@supabase/auth-helpers-sveltekit/dist/index.js:80:24)
    at /pathtoproject/node_modules/@supabase/auth-helpers-shared/dist/index.js:323:12
    at Array.forEach (<anonymous>)
    at SvelteKitServerAuthStorageAdapter.setItem (/pathtoproject/node_modules/@supabase/auth-helpers-shared/dist/index.js:322:19)
    at setItemAsync (/pathtoproject/node_modules/@supabase/gotrue-js/dist/main/lib/helpers.js:129:19)
    at SupabaseAuthClient._saveSession (/pathtoproject/node_modules/@supabase/gotrue-js/dist/main/GoTrueClient.js:1465:42)
    at SupabaseAuthClient._callRefreshToken (/pathtoproject/node_modules/@supabase/gotrue-js/dist/main/GoTrueClient.js:1406:24)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async SupabaseAuthClient.__loadSession (/pathtoproject/node_modules/@supabase/gotrue-js/dist/main/GoTrueClient.js:785:40)

Node.js v20.12.2```

[scosman]

I've seen this too, seems to be inside Supabase API. I think it's only on dev mode (at least I've never seen it on prod, confirmation would be good).

We have a PR updating that dependency (coupled to some SSR work). If we don't take that, we should at least bump the dep for this issue.

[mohd-saaduddin-ansari]

am facing this issue too - is there any fix coming soon ?

[scosman]

I updated deps yesterday. Can you try pull that and see if this is fixed? I couldn't repo this after the update.

[mez0ru]

I have just started using the template today, and I'm facing this issue too. So I can confirm, it's not fixed.

[activenode]

The reason why this happens is usually somewhat architecturally related. The auth-helpers package isn't recommended anymore and should be removed from this project. That's a first good step.

Reason why this can happen (and why it only happens occasionally): When the session gets refreshed (which is when it expires) and this is done in a context of Svelte were setting cookies is not allowed, then this error will pop up. Then, after refreshing the page, the session will usually be proper resolved in the first point and not appear for some more time until it expires etc.

Here's the most recent docs about supabase/ssr package: https://supabase.com/docs/guides/auth/server-side/creating-a-client?environment=middleware&queryGroups=framework&framework=sveltekit

[activenode]

I can try to take that task up as I'll be working on some similiar stuff anyways

[scosman]

Thanks @activenode !

Note: we also have a PR to move to SSR (but it's held up on another bug in supabase): https://github.com/CriticalMoments/CMSaasStarter/pull/63

Sounds related, so let's not double up work unless there's a clean fix for main separate from that.

[LeoStoch]

Hey, I had exactly the same issue and found a workaround for this - in hooks.server.ts I have added the following:

...
  const response = await resolve(event, {
    filterSerializedResponseHeaders(name) {
      return name === "content-range"
    },
  })

  return response

Once I was waiting to finish al session related it worked - seemes for me like the issue happens during the session check -> it happens prior to all relevant session related actions (supabase etc.)

[SuperGood-llc]

i tried the fix above and it broke my login page. the only solution i found was to clear my cookies to get my dev environment working again.

[scosman]

Related bug on supabase: https://github.com/supabase/auth-helpers/issues/466

[scosman]

this seems to be resolved by https://github.com/CriticalMoments/CMSaasStarter/pull/135

Let me know if anyone can still repo it.