search

supabase / auth-js

An isomorphic Javascript library for Supabase Auth.
MIT License
349 stars 155 forks source link

AuthApiError "Invalid login credentials" has undefined `code` #937

Closed peterkos closed 2 weeks ago

peterkos commented 1 month ago

Bug report

Describe the bug

When attempting to login a user with invalid credentials, the returned error is missing a code:

const { data, error } = await supabase.auth.signInWithPassword({
  email: loginDto.email,
  password: loginDto.password,
});
if (isAuthApiError(error)) {
  if (error.code == 'user_not_found') {
    throw new UnauthorizedException();
  } else {
    throw new InternalServerErrorException(
      `Unhandled Supabase auth error code: ${error}`, // <-- error.code undefined
    );
  }
} else { /* ... */ }

Output:

Unhandled exception: {
  "statusCode": 500,
  "message": "Unhandled Supabase auth error code: AuthApiError: Invalid login credentials",
  "error": "Internal Server Error"
}

The source of AuthAPIError has code as undefined: https://github.com/supabase/auth-js/blob/29fc62ce2da7ca60504d2513012fd3bb2820e632/src/lib/errors.ts#L78-L82

To Reproduce

  1. Perform supabase.auth.signInWithPassword({ /* ... */ }) with incorrect credentials
  2. Observe error.code is undefined

Expected behavior

Per docs:

Use isAuthApiError instead of instanceof checks to see if an error you caught is of this type.

Do not use string matching on error messages! Always use the name and code properties of error objects to identify the situation.

code should be defined for an AuthApiError.

Screenshots

If applicable, add screenshots to help explain your problem.

System information

peterkos commented 1 month ago

It looks like this is also here: https://github.com/supabase/auth/issues/1631

I figured this issue was JS-specific, but it appears not?

peterkos commented 1 month ago

My workaround:

if (isAuthApiError(error)) {
  if (error.code == 'user_not_found') {
    throw new UnauthorizedException();
  } else {
    throw new UnauthorizedException(`${error}`);
  }
} else if (error) {
  throw new InternalServerErrorException(
    `Unhandled unknown error: ${error}`,
  );
}
J0 commented 2 weeks ago

Hey,

Thanks for flagging the issue. A fix has been merged and this should be patched later this week or early next week with our next deploy

Hope this helps. I'm going to close for now but feel free to re-open or head to #804 if there are any issues after upgrading. You can track the version under Settings > Infrastructure > Service Versions > Auth version. Should be good to go once your project version is v2.159.0 or later