If there is no session (i.e. no JWT/access token), getUser() cannot possibly work. It now returns null user.
Previously, it just sent out a request without the JWT. When combined with @supabase/supabase-js which does some clever tricks with fetch by adding a default Authorization header using the Supabase anon API key, if you called getUser() at the wrong time an error such as missing sub claim error message would be thrown by Supabase Auth.
(Unfortunately the Supabase anon API key is signed with the same JWT secret, so it's hard to disambiguate why this is happening.)
If there is no session (i.e. no JWT/access token),
getUser()
cannot possibly work. It now returns null user.Previously, it just sent out a request without the JWT. When combined with
@supabase/supabase-js
which does some clever tricks withfetch
by adding a defaultAuthorization
header using the Supabaseanon
API key, if you calledgetUser()
at the wrong time an error such asmissing sub claim
error message would be thrown by Supabase Auth.(Unfortunately the Supabase
anon
API key is signed with the same JWT secret, so it's hard to disambiguate why this is happening.)