Closed artykr closed 8 months ago
I've been experiencing issues with the chunking as well - slightly different to the issue here though.
Seems like a potential workaround could be to implement the new auth hooks they announced last week to remove a bunch of data from the jwt's to avoid them ever exceeding the chunking size:
https://supabase.com/blog/supabase-auth-identity-linking-hooks
Also experiencing this issue in next.js with the ssr package.
hi @artykr, @astonfuture, @dalkommatt, we've fixed this issue in #726 for the supabase/ssr package - please try again and let us know if it's still a problem for you
We are getting the split auth cookie as well, how can we join it in our FE to read the cookie value properly?
@bombillazo, just to clarify, the cookie is being set but it is being split into multiple cookies: like cookiename.1
, cookiename.2
, etc.?
That is the intended behavior (otherwise the cookie would be too long and fail to set entirely), and @supabase/ssr
accounts for this under the hood.
Do you need to access the cookie in your own FE code?
Hey, yes that is exactly the case, we need to read it in our FE code, are there any helpers in the supabase lib that does this or anyway to reconstruct the token value from the cookies?
Gotcha. We don't expose any helper functions for that. The code is pretty short, so you could copy-paste into your own utility functions, though honestly it might be easier to do a getSession
call, which can get you the access token.
(You say FE so I assume you're running this code in the browser, just a friendly reminder never to use getSession
on the server. If you need the cookie there, you should always, always call getUser
first to make sure the JWT gets validated.)
Thanks! We need this at places in our code where a supabase client is not possible to be instantiated, or we want to directly confirm with the browser cookies.
Bug report
Describe the bug
Context: I ran into this in a Remix app but other implementations may be affected potentially.
When a user signs up using an email and then logs in through an external provider, like GitHub, for instance, the
app_metadata
value now includes two providers:email
andGitHub
:supabase/ssr splits the auth-token cookie into two chunks in this case:
xxx-auth-token.0
andxxx-auth-token.1
. According to the example here: https://supabase.com/docs/guides/auth/server-side/creating-a-client?framework=remix, I'm callingserialize
on a chunk that produces a slightly longer string. The first chunk becomes too big and gets skipped by the browser.To Reproduce
fly.toml
, set the environment variables mentioned in the README as secrets for the fly app, and runfly deploy
.Expected behavior
The cookie chunks don't exceed the browser size limit, and the user gets logged in as expected.
System information