Open KirioXX opened 1 year ago
Yes i am using it for a custom api. Actually i dont know if the refresh fails as i cant see any logs from the phone. The refreshsession should be able to get a new token right ? The above code i supplied should be sufficient ?
Im am doing some further tests at the moment to see if i can find a pattern. I might be able to get my flutter developer to help me debug a phone next week so we can do more prints and see output.
Yeah your code should generally work. Two things though to consider
isExpired
getter on the session, because it adds a 5 second buffer.Hi @dshukertjr, sorry for the delayed response. We where not able to test it, but we just started rolling out to a new customer so I should be able to give you feedback in a couple days on this issue. What though noticed is that we have with the new version some strange behaviour with the streams, I created a new issue for that: https://github.com/supabase/supabase-flutter/issues/604
Error: PostgrestException(message: JWT expired, code: PGRST301, details: Unauthorized, hint: null)
.
I'm curious about the progress of this issue. Starting my application I am already logged in, the event AuthChangeEvent.signedIn is fired (session is recovered).
I've checked the calls the state changes and also the session recovery in supabase_auth.dart
it all looks fine. It's failing on an RPC call, I've also checked the postgrest_builder.dart
and the configuration of the AuthHttpClient. There is nothing wrong, however, the backend doesn't like it. How I've determined it's okay is the expiresAt and currentTime values being used results in the token are still valid.
I'm going to close this issue as we have implemented many updates to mitigate the original issue of the access token not refreshing properly, but if anyone is still experiencing the same issue, please let us know in the comments and we will re-open this one.
In our case we get expired token in our login handler every time when user starts the app when stored access token (1h expiration time already expired)
Likely because: tokenRefreshed
event is sent before: _saveSession
finishes, so any code that relies on: tokenRefreshed
event and: Supabase.instance.client
will generate 403 until the _saveSession
finalizes.
gotrue-2.3.0/lib/src/gotrue_client.dart
_saveSession(authResponse.session!);
if (!_refreshTokenCompleter!.isCompleted) {
_refreshTokenCompleter!.complete(authResponse);
}
notifyAllSubscribers(AuthChangeEvent.tokenRefreshed);
@tomekit
In our case we get expired token in our login handler every time when user starts the app when stored access token (1h expiration time already expired)
The token being expired on app launch shouldn't be an issue as the token should be automatically refreshed before making an API request.
so any code that relies on:
tokenRefreshed
Do you have any code that you use that relies on tokenRefreshed
event?
What exactly are you experiencing? Do you get PostgrestException
with error code PGRST301
thrown when making API request?
Describe the bug We had this week quite a lot of users where the JWT expired. There users where not logged out instead they had to close and reopen the app to trigger the logout.
In our logs we have seen a lot of these errors:
To Reproduce Steps to reproduce the behavior:
Expected behavior User is getting logged out either when the JWT expires or when the try to make a request.
Screenshots
Version (please complete the following information): On Linux/macOS Please run
dart pub deps | grep -E "supabase|gotrue|postgrest|storage_client|realtime_client|functions_client"
in your project directory and paste the output here.On Windows Please run
dart pub deps | findstr "supabase gotrue postgrest storage_client realtime_client functions_client"
in your project directory and paste the output here.Additional context Add any other context about the problem here.