supabase / auth-js

An isomorphic JavaScript library for Supabase Auth.
MIT License

fix: `getUser` returns null if there is no session #876

Closed hf closed 2 months ago

hf commented 2 months ago

If there is no session (i.e. no JWT/access token), `getUser()` cannot possibly work. It now returns a null user.

Previously, it just sent out a request without the JWT. When combined with `@supabase/supabase-js`, which does some clever tricks with `fetch` by adding a default `Authorization` header using the Supabase anon API key, if you called `getUser()` at the wrong time, an error such as a `missing sub claim` error message would be thrown by Supabase Auth.

(Unfortunately the Supabase anon API key is signed with the same JWT secret, so it's hard to disambiguate why this is happening.)
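The failure mode described in this pull request, modeled as an added example (not code from auth-js or Supabase Auth): an anon key and a user access token signed with the same secret both pass signature verification, so a sessionless call only fails at the subject lookup, and the client-side guard avoids sending the request at all. The secret, tokens, and function names are constructed for illustration.

```javascript
// Added illustration; not code from auth-js or Supabase Auth. All names are hypothetical.
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // constructed stand-in for the shared JWT secret
const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const hmac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest();

// Minimal HS256 signer, used only to build the constructed sample tokens.
function signJwt(claims) {
  const input = `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(claims)}`;
  return `${input}.${hmac(input).toString('base64url')}`;
}

// Returns the claims if the HS256 signature is valid, otherwise null.
function verifyJwt(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const given = Buffer.from(parts[2], 'base64url');
  const expected = hmac(`${parts[0]}.${parts[1]}`);
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString());
}

// Constructed tokens: the anon API key has a role but no subject; a user token has both.
const ANON_KEY = signJwt({ role: 'anon' });
const ACCESS_TOKEN = signJwt({ role: 'authenticated', sub: 'constructed-user-id' });

// Model of the server's user lookup: the signature check cannot tell the two tokens
// apart, so the anon key only fails later, when the subject is read.
function serverGetUser(authorization) {
  const claims = verifyJwt((authorization || '').replace(/^Bearer /, ''));
  if (!claims) return { user: null, error: 'invalid JWT' };
  if (!claims.sub) return { user: null, error: 'missing sub claim' };
  return { user: { id: claims.sub }, error: null };
}

// Model of the client call. `guard: true` is the behavior this pull request describes.
function clientGetUser(session, { guard }) {
  if (guard && !session) return { user: null, requestSent: false };
  // Without a session, the wrapper's default Authorization header (the anon key) goes out.
  const bearer = session ? session.access_token : ANON_KEY;
  return { ...serverGetUser(`Bearer ${bearer}`), requestSent: true };
}
```

Because the anon key verifies cleanly, the server cannot report "no credentials supplied" for the unguarded call; the only signal left is the absent `sub` claim.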