supabase / auth-js

An isomorphic Javascript library for Supabase Auth.
MIT License

Twitter and social auth redirectUrl is unreliable #797

Closed samducker closed 9 months ago

samducker commented 11 months ago

Bug report

Describe the bug

I am experiencing the following issue when using social authentication: the redirectUrl is not consistently respected. The issue I'm facing is intermittent; sometimes it works absolutely as intended, other times it will just redirect to the home page. I can confirm the issue is not with my app.

My flow

User goes through form process in my app -> At the point of creating auth record I pass through the direct url (which has been validated before it comes into this function) -> some of the time it will go correctly to my /api/auth/callback route as intended, which does the code exchange; other times it will go to the home page, which will cause my signup flow to fail for the end user.

async function continueWithSocialAuth(social: 'linkedin' | 'twitter', params: string) {
  await supabase.auth.signInWithOAuth({
    provider: social,
    options: {
      redirectTo: `${location.origin}/api/auth/callback?${params}&redirect=/signup/auth`
    }
  });
}

To Reproduce

Steps to reproduce the behavior, please provide code snippets or a repository:

  1. Go to '…'
  2. Click on '…'
  3. Scroll down to '…'
  4. See error

Expected behavior

A clear and concise description of what you expected to happen.

Screenshots

What happens when it works: my callback route handles the logic to redirect back to the frontend after code exchange and Stripe checkout.

https://github.com/supabase/supabase/assets/25123915/a7979b5e-e9b3-4f38-a684-b786d1985573

What happens when it doesn't work: instead of the above, it will just redirect to the main site URL with the code in query params instead of redirecting to the redirectUrl.

System information

Had issues on Chrome desktop and Safari iOS

Additional context

I have added all of the URLs I am using to Twitter redirect URLs and Supabase.
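
The snippet in the report builds `redirectTo` by string concatenation and carries a nested `redirect` path for the callback route to follow. As an added example (not code from the issue or from auth-js), the block below builds the same URL with every value percent-encoded and validates the nested path on the callback side so it can only point back at the app's own origin. `buildCallbackUrl`, `safeRedirectPath` and the `https://app.example` origin are hypothetical, and the block does not diagnose the intermittent behaviour reported.

```typescript
// Added example; names and the sample origin are assumptions, not from the issue.

// Build the value passed as options.redirectTo. URLSearchParams encodes each
// value, so the nested `redirect` path cannot break or extend the outer query.
function buildCallbackUrl(origin: string, params: string, next: string): string {
  const url = new URL('/api/auth/callback', origin);
  new URLSearchParams(params).forEach((value, key) => {
    url.searchParams.append(key, value);
  });
  url.searchParams.set('redirect', next);
  return url.toString();
}

// In the callback route: follow `redirect` only when it resolves to a path on
// our own origin; anything else gets a fixed fallback.
function safeRedirectPath(candidate: string | null, origin: string, fallback = '/'): string {
  if (!candidate || !candidate.startsWith('/')) return fallback;
  // Protocol-relative ("//host") and backslash forms can resolve to another host.
  if (candidate.startsWith('//') || candidate.includes('\\')) return fallback;
  try {
    // The URL parser strips tabs and newlines, so compare the resolved origin
    // rather than trusting the prefix checks alone.
    const resolved = new URL(candidate, origin);
    if (resolved.origin !== new URL(origin).origin) return fallback;
    return resolved.pathname + resolved.search + resolved.hash;
  } catch {
    return fallback;
  }
}
```
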

hf commented 9 months ago

I don't think this is an issue with the library, but a setup issue with your project. Please open a new support ticket so we can investigate your setup privately: https://supabase.help.

Thanks!