nuxt-modules / supabase

Supabase module for Nuxt.
https://supabase.nuxtjs.org
MIT License
704 stars 128 forks source link

signOut not removing cookie #246

Open stlbucket opened 1 year ago

stlbucket commented 1 year ago

https://github.com/nuxt-modules/supabase/issues/114

I think that the release that removed useSupabaseAuthClient has reintroduced this bug

https://github.com/stlbucket/nuxt-supabase-client-signout-bug

That is a minimal reproduction of the issue.

andi-hk commented 10 months ago

I can confirm this, tested with Chrome. After logout, when trying to access the restricted page, it still rendered the restricted page before redirecting. This does not happen when deleting the cookies manually.

As a workaround I manually delted both access-token and refresh-token on SignOut. This worked for me as I could not render the restricted page afterwards.

async function signOut() {
  try {
    const { error } = await client.auth.signOut();

    const authAccessToken = useCookie("sb-access-token");
    authAccessToken.value = null;

    const authRefreshToken = useCookie("sb-refresh-token");
    authRefreshToken.value = null;

    router.push("/login");
  } catch (error) {
    console.log(error.message);
  }
}
rafaelmagalhaes commented 2 months ago

facing a similar issue and for some reason the router.push('/login') wasn't working after signout even after clearing cookies

expanding on solution above I created a function to clear all cookies then redirect to login

const useCookieHelpers = () => {
  const deleteAllCookies = () => {
    const cookies = document.cookie.split(';');

    for (let i = 0; i < cookies.length; i++) {
      const cookie = cookies[i];
      const eqPos = cookie.indexOf('=');
      const name = eqPos > -1 ? cookie.substr(0, eqPos) : cookie;
      document.cookie = name + '=;expires=Thu, 01 Jan 1970 00:00:00 GMT';
    }
  };
  return {
    deleteAllCookies,
  };
};

export default useCookieHelpers;

on my logout function

const client = useSupabaseClient<Database>();
const { deleteAllCookies } = useCookieHelpers();
const handleLogout = async () => {
    await client.auth.signOut();
    deleteAllCookies();
    location.replace(`${location.origin}/login`);
};