supabase / auth-helpers

A collection of framework specific Auth utilities for working with Supabase.

https://supabase.github.io/auth-helpers/

MIT License

893 stars 240 forks source link

ssr not obeying redirectTo #710

Closed sroussey closed 5 months ago

sroussey commented 6 months ago

Bug report

[x] I confirm this is a bug with Supabase, not with my own application.
[x] I confirm I have searched the Docs, GitHub Discussions, and Discord.

Describe the bug

The redirectTo param here:

const { data, error } = await supabaseClient.auth.signInWithOAuth({
      provider,
      options: {
        redirectTo: getURL(),
      },
    });

Does not result in a redirect.

To Reproduce

goto https://embarc-8e6ubad6g-sroussey.vercel.app/signin
use google signin
see next request is ok:
see next request is ok:
Not sure if this is ok or not:
Then redirects to home page of domain, not good.

Expected behavior

Should end with code at url /signin/callback

dijonmusters commented 5 months ago

The auth-helpers and ssr packages use the PKCE auth flow, which requires an auth code to be exchanged for the users session before redirecting to the page you want the user to land on after the authentication process completes.

Check out this one for creating the code exchange route and setting the redirectTo to /auth/callback, then this one for an example of using a query param called "next" to declare where you want the user to be redirected to after the entire authentication flow completes 👍