supabase / auth-js

An isomorphic JavaScript library for Supabase Auth.
MIT License
318 stars 152 forks

PKCE flow issue with other than supabase `code` query in URL #911

Open vachmara opened 1 month ago

vachmara commented 1 month ago

Bug report

Describe the bug

I am using the @nuxtjs/supabase package and I encounter a bug described in this issue.

I am not able to use other PKCE flows because each time the third app redirects to my main app, GoTrueClient tries to refresh the session with the incorrect code parameter in the URL despite using detectSessionInUrl at initialization of GoTrueClient.

I believe this function _isPKCEFlow should only watch specific URLs to manage other PKCE flows.

To Reproduce

  1. Setup a project with nuxt/supabase.
  2. Build a simple authentication system.
  3. On any page, use a query parameter ?code=random.

Expected behavior

Automatically, the GoTrueClient will try to set up a session at initialization and log out the current user, which is problematic.

Screenshots

image
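
One way an application could scope PKCE `code` handling to its own callback route, so that a `?code=` returned by a different OAuth flow is left alone. This is an added example, not code from the issue, auth-js or @nuxtjs/supabase: `isOwnPkceCallback`, `handleRedirect`, the `/auth/confirm` route, the `hasPendingVerifier` callback and the sample URLs are hypothetical, and it assumes the application itself decides when to call `exchangeCodeForSession`.

```javascript
// Added example: hypothetical helpers, not part of auth-js or @nuxtjs/supabase.

// Decide whether a redirect URL is this app's own Supabase PKCE callback.
// `callbackPaths` is an allowlist of routes the app registered as redirect targets.
function isOwnPkceCallback(href, { origin, callbackPaths, hasPendingVerifier }) {
  let url;
  try {
    url = new URL(href);
  } catch {
    return false; // not a parseable absolute URL
  }
  if (url.origin !== origin) return false;

  // Normalize a trailing slash so "/auth/confirm/" matches "/auth/confirm".
  const path = url.pathname.replace(/\/+$/, '') || '/';
  if (!callbackPaths.includes(path)) return false;

  // Exactly one non-empty `code`; duplicates are ambiguous and rejected.
  const codes = url.searchParams.getAll('code');
  if (codes.length !== 1 || codes[0] === '') return false;

  // Only continue if this browser actually started a Supabase PKCE flow
  // (assumption: the app can tell, e.g. from its stored code verifier).
  return hasPendingVerifier();
}

// Exchange the code only on the app's own callback; ignore every other `?code=`.
async function handleRedirect(href, auth, opts) {
  if (!isOwnPkceCallback(href, opts)) return { handled: false };
  const code = new URL(href).searchParams.get('code');
  const { data, error } = await auth.exchangeCodeForSession(code);
  return { handled: true, data, error };
}

// Constructed sample configuration and URLs for illustration.
const opts = {
  origin: 'https://app.example.com',
  callbackPaths: ['/auth/confirm'],
  hasPendingVerifier: () => true,
};
const thirdPartyReturn = 'https://app.example.com/integrations/done?code=random';
const supabaseReturn = 'https://app.example.com/auth/confirm?code=abc123';
```

With this guard, the `?code=random` URL from the reproduction steps never reaches the exchange call, so an unrelated code cannot trigger a failed exchange against the current session.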