Closed XStarlink closed 4 months ago
Can you have a try with the latest release? https://github.com/nuxt-modules/supabase/releases/tag/v1.3.1
You can open it back if it's not fixed.
Can you have a try with the latest release? https://github.com/nuxt-modules/supabase/releases/tag/v1.3.1
You can open it back if it's not fixed.
@larbish On NPM the module is still in 1.2.2, I can't install the latest version for testing because it's not available (yet).
But thank you for all your hard work !
Should be good now!
Should be good now!
@larbish
I've just installed it and I get an error message when I launch Nuxt, I've even tried deleting the package.lock and the node_modules to reinstall all packages but I still get this message.
Uncaught SyntaxError: The requested module '/_nuxt/@fs/Users/quentin/Code/my-app/node_modules/@supabase/postgrest-js/dist/cjs/index.js?v=64b02254' does not provide an export named 'default' (at wrapper.mjs:1:8)
Thats point to:
The app won't launch, I just get a blank page
Indeed, I've seen this error which is not happening in the playground... I fixed it in 1.3.2! Sorry, I hope it's ok now.
@larbish Hello, I've done a lot of tests and I still have the problem of the session not refreshing in my app,
I think we can reopen this issue.
I'm asking a lot of questions all over the Supabase ecosystem to understand and solve this problem.
In your own projects that use this lib, if you don't touch the project tab for 1 day and you come back to it, are you still connected or not?
@felixgabler Thanks for your work on the new version which uses ssr!
Sorry to ping you here but I have a small question, I've been trying for a few weeks to solve a problem which is that my users session are deleted from auth.session at some point by something. I've gone through all the docs, read a lot of issues to find out what's going on, but I haven't found the reason yet.
I wanted to ask you if in your project the session refresh works correctly and if you can, for example, close the browser for a few days then come back to your app and still be connected? (In Supabase's Github one of the devs of their Auth lib told me that there was normally no problem with this, but since I've been using this module for +6 months I've never managed to stay connected for several days).
Or more simply, can you be logged in on a tab, not touch it for a day, come back to it and still be logged in?
I used debug: true
in the config to see what was going on, and I can see the logs of auth which refreshes regularly, except that when I paste the access token into jwt.io and take the session_id to look for it in the auth.session table there's nothing.... (But just after a login yes ! and if I use the app continuously yes, but if I stop more than one hour, something delete the session)
How is it possible to still be connected to the front end, being able to perform actions on the DB, but without a valid session!?
GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.106Z #_autoRefreshTokenTick() begin
GoTrueClient.ts:266 GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.106Z #_acquireLock begin 0
GoTrueClient.ts:266 GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.107Z #_acquireLock lock acquired for storage key sb-ywazevpallcihcdmurdx-auth-token
GoTrueClient.ts:266 GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.107Z #_useSession begin
GoTrueClient.ts:266 GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.107Z #__loadSession() begin
GoTrueClient.ts:266 GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.108Z #getSession() session from storage {access_token: 'eyJhbGciOiJIUzI1NiIsImtpZCI6InhtWHpNWjBtUUVVbjR5V3…xzZX0.8VvSxuea56oynR7L4WdInS4MLSM0hCi3Y4UtIoZILYU', token_type: 'bearer', expires_in: 604800, expires_at: 1720802658, refresh_token: 'L_HAIMidKYmWcIQ8lUo8zQ', …}
GoTrueClient.ts:266 GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.108Z #__loadSession() session has not expired expires_at 1720802658
GoTrueClient.ts:266 GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.108Z #__loadSession() end
GoTrueClient.ts:266 GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.108Z #_autoRefreshTokenTick() access token expires in 11378 ticks, a tick lasts 30000ms, refresh threshold is 3 ticks
GoTrueClient.ts:266 GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.108Z #_useSession end
GoTrueClient.ts:266 GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.108Z #_autoRefreshTokenTick() end
GoTrueClient.ts:266 GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.108Z #_acquireLock lock released for storage key sb-ywqazepallcihcdmurdx-auth-token
GoTrueClient.ts:266 GoTrueClient@0 (2.64.2) 2024-07-08T17:54:50.108Z #_acquireLock end
I still don't understand where this could be coming from, after a lot of researchs it seems that there are many of people in this situation but no one has found a solution...
If you have any advice or info I'd be grateful, Thanks again for your work!
Hi! As far as I know, it should not be possible to be logged out in the frontend and still being able to perform restricted DB actions. The DB will receive your authentication credentials from the JWT. I'm sorry if this is no real new insight.
As for the issue where you get logged out after a while, I don't think this happens for us. We haven't received complaints at least and I've stayed logged in over weekends.
I'm hoping things will become more stable with the 1.0.0 release of @supabase/ssr
@felixgabler Thank you much for your reply,
I have the impression that since a few days they have changed something on their side because I have really much less log Unauthorized coming from my users than before while I have strictly changed nothing since I updated this module which includes the SSR.....
I hope as you say that with the release of v1.0 it will be completely stable.
Thanks again for all your hard work!
Version
@nuxtjs/supabase: 1.2.2 nuxt: 3.12.3
Reproduction Link
https://stackblitz.com/edit/nuxt-starter-v3dd6h
Problem
Our Nuxt web application is experiencing a critical issue affecting user experience since few months. After approximately one hour of inactivity on a tab, users receive an "Unauthorized" error when attempting to perform an action on the webapp.
Problem details
supabase.auth.getUser()
before executing the code of each route to authenticate the user. (By the way, I don't useawait serverSupabaseUser(event)
because it uses getSession() and this is not recommended by Supabase on the server side)supabase.auth.signOut()
, it fails with the error:which leaves my users unable to do anything, they can no longer perform actions or log themselves out, I'm starting to get a lot of complaints about this.
To try to debug, I have currently followed these steps:
supabase.auth.getUser()
on the server side. They both contain a sb-access-token and a sb-refresh-token.exp
(expiration time) andiat
(issued at), no problem on that side, theexp
was further away thaniat
)Which leads me to think that there's a problem with the session refresh, something must be wrong and the session isn't properly refreshed.
Steps to reproduce
Not easy to reproduce because you have to wait for a period of inactivity in the tab containing the webapp where you are logged in. When I'm developing new features, I regularly get the bug I'm describing here. I come back to the tab and want to perform an action, but I get "Unauthorized" (which is the error returned from the API route when the user is not found).
What is Expected?
The refresh session must be reliable and a user can stay connected for two weeks if he wants to.
What is actually happening?
The user is randomly disconnected after one hour, his session is lost and non-existent in Supabase's auth.sessions table.
Thank you for the work you have done with this module.