search

supabase / supabase-js

An isomorphic Javascript client for Supabase. Query your Supabase database, subscribe to realtime events, upload and download files, browse typescript examples, invoke postgres functions via rpc, invoke supabase edge functions, query pgvector.
https://supabase.com
MIT License
2.83k stars 219 forks source link

The 'cache' field on 'RequestInitializerDict' is not implemented - Cloudflare Workers #1001

Closed davbauer closed 1 week ago

davbauer commented 1 month ago

Bug report

Describe the bug

When using the following method

supabase.auth.getUser(jwt?: string)

in my wrangler clouflare workers api I get following error:

  --> POST /jwt/plan/current/55524767-a973-410f-b139-3794d4efbb2e 401 1ms
✘ [ERROR] Error: The 'cache' field on 'RequestInitializerDict' is not implemented.

      at checkURL
  (file:///Users/david/Documents/github/vinna-ai/api/app/.wrangler/tmp/bundle-ieatTC/checked-fetch.js:9:9)
      at Object.apply
  (file:///Users/david/Documents/github/vinna-ai/api/app/.wrangler/tmp/bundle-ieatTC/checked-fetch.js:27:3)
      at null.<anonymous>
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/lib/helpers.ts:103:23)
      at _handleRequest
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/lib/fetch.ts:178:20)
      at _request
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/lib/fetch.ts:151:22)
      at SupabaseAuthClient._getUser
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/GoTrueClient.ts:1188:22)
      at SupabaseAuthClient.getUser
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/GoTrueClient.ts:1168:25)
      at authSupabaseMiddleware
  (file:///Users/david/Documents/github/vinna-ai/api/app/src/middleware/authSupabase.ts:35:56)
      at dispatch
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/hono/dist/compose.js:29:23)
      at null.<anonymous>
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/hono/dist/compose.js:30:20)
  Error while getting user by access_token  AuthRetryableFetchError: The 'cache' field on
  'RequestInitializerDict' is not implemented.
      at _handleRequest
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/lib/fetch.ts:188:11)
      at _request
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/lib/fetch.ts:151:22)
      at SupabaseAuthClient._getUser
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/GoTrueClient.ts:1188:22)
      at SupabaseAuthClient.getUser
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/GoTrueClient.ts:1168:25)
      at authSupabaseMiddleware
  (file:///Users/david/Documents/github/vinna-ai/api/app/src/middleware/authSupabase.ts:35:56)
      at dispatch
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/hono/dist/compose.js:29:23)
      at null.<anonymous>
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/hono/dist/compose.js:30:20)
      at defaultMiddleware
  (file:///Users/david/Documents/github/vinna-ai/api/app/src/middleware/default.ts:87:9)
      at dispatch
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/hono/dist/compose.js:29:23)
      at null.<anonymous>
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/hono/dist/compose.js:30:20) {
    __isAuthError: true,
    status: 0,
    code: undefined
  }

To Reproduce

I am using wrangler cloudflare worker and I am using hono for routing, but either way these lines should trigger the error:

const jwt: string = c.req.header("Authorization")?.split(" ")[1] ?? "";
const { data, error } = await supabase.auth.getUser(jwt);

After that data is null and error includes the error, which is pasted above.

Expected behavior

It should just get the user as usual, this problem occurred just since today for me.

Screenshots

System information

Additional context

Also not sure if its an issue from cloudflare wrangler itself. Reference to issue: https://github.com/cloudflare/workerd/issues/698

Would be cool to know if there is anything I can do, since I am not able to continue from there on.

For some reason I never stumbled into that problem 3 days ago and I have not changed any files / package versions, which I can verify by my git history and also recloning my project.

Could it be that something got updated from the server-side of supabase which my cloudflare worker can not handle anymore?

Thank you!

orenaksakal commented 1 month ago

I encountered same problem on cloudflare pages hosted sveltekit app.

Seems like it was introduced with this bump of auth-js https://github.com/supabase/supabase-js/releases/tag/v2.41.1 and reason being cache:no-store not supported by cloudflare workers https://github.com/supabase/auth-js/commit/034bee09c3f0a4613d9a3e7bd3bc5f70682f5a66

actuall this release introduced another problem https://github.com/supabase/auth-js/releases/tag/v2.63.0 Now you get warnings logged for

"Using supabase.auth.getSession() is potentially insecure as it loads data directly from the storage medium (typically cookies) which may not be authentic. Prefer using supabase.auth.getUser() instead. To suppress this warning call supabase.auth.getUser() before you call supabase.auth.getSession()."

Even if you are not using getSession() anywhere because SupabaseClient itself uses it

I see getAccessToken here is using getSession https://github.dev/supabase/supabase-js/blob/6cfed0c2f958b94b0c9ff064f9e120217b6ba4ec/src/SupabaseClient.ts#L244

and its used with fetchWithAuth here https://github.dev/supabase/supabase-js/blob/6cfed0c2f958b94b0c9ff064f9e120217b6ba4ec/src/lib/fetch.ts#L35

invoked on SupabaseClient's constructor here https://github.dev/supabase/supabase-js/blob/6cfed0c2f958b94b0c9ff064f9e120217b6ba4ec/src/SupabaseClient.ts#L103

Downgrading the version was a work around so I'm using 

"@supabase/ssr": "^0.1.0"
"@supabase/supabase-js": "^2.39.7"

to solve this problem

davbauer commented 1 month ago

@orenaksakal

Thanks for the comment.

I tried downgrading to the from you specified supabase-js version. I also tried using other older versions of the supabase-js package and downgrading to another older wrangler version.

This sadly all resulted in the same issue for me (Wrangler Cloudflare Worker).

How can this even be possible? I am 100% sure I deleted the node_modules, .wrangler folder, and the yarn.lock file and then reinstalled the packages.

davbauer commented 1 month ago

Remark.

Was able to temporarily fix it by specifying the auth-js version explicitly in the package.json.

{
    "@supabase/auth-js": "^2.62.0",
    "@supabase/supabase-js": "2.39.8"
    /* other packages */
}

Edit: Sometimes only including @supabase/auth-js does not fix the issue. In that case try to add the following to your package.json: (found out by: https://github.com/cloudflare/workerd/issues/698#issuecomment-2029490141) 

"overrides": {
    "@supabase/auth-js": "^2.62.0"
}
RaresAil commented 1 month ago

I have the same issue, the latest working version for me is ^2.40.0, i think is because of bump functions-js

raventos commented 1 month ago

This is causing Supabase Auth not to work when deployed to Cloudflare. Reverting back to an older version of supabase-js seems to be a temporary workaround.

nechmads commented 1 month ago

@raventos. This is super weird. When I use that fix on a new cloudflare worker project it works and the bug is gone. But when I do the same thing on our project, the bug still persist. I even did git pull to a new folder and tried to run the project there and I still get the same result. I can't explain it.

nechmads commented 1 month ago

There is something extremely weird, I suspect it relates to how npm works. I have a folder in which I had a new "hello world" cloudflare worker project which I added supabase to. First without the addition of "@supabase/auth-js": "^2.62.0". After adding the auth-js line, this project is working without showing the bug.

I now created a new hello world project, copied all the files from the working project to this one, and the bug returned.

I then copied the node_modules folder from the working project to the new one, and the new one started to work again. Note that the package.json file of both projects is identical, but until I copied the actual node_modules folder, one project was working and one was failing.

RaresAil commented 1 month ago

The issue is present and in version 2.42.0

hawkcookie commented 1 month ago

I have the same issue. How do we solve this error?

nechmads commented 1 month ago

For now the only solution that worked for me was to add the following to package.json: "@supabase/auth-js": "^2.62.0", "@supabase/supabase-js": "^2.39.8",

and "overrides": { "@supabase/auth-js": "^2.62.0" }

hawkcookie commented 1 month ago

@nechmads Thank you, that was really helpful. There was no urgent need to upgrade supabase-js to v2.41.1, so I ran yarn remove @supabase/supabase-js and then reinstalled it with 2.39.8. After that, everything started working normally again.

jdgamble555 commented 1 month ago

If you're using the right version of the package, you shouldn't have to override.

"@supabase/ssr": "^0.1.0",
"@supabase/supabase-js": "^2.39.8",

Version 2.39.8 will only have access to the gotrue 2.62.2 version. Just make sure to uninstall then reinstall it.

Hoping this gets fixed soon.

J

davbauer commented 1 month ago

@jdgamble555 This might be a solution for a group of people but for @nechmads and me downgrading was for some reason not enough.

And yes I made sure to clear the package cache, regenerate a package-lock.json etc.

nechmads commented 1 month ago

@davbauer The solution was to also add: "overrides": { "@supabase/auth-js": "^2.62.0" } to package.json. That solved it. Othrwise, somehow npm sometimes still linked to the newer version.

davbauer commented 1 month ago

@nechmads I am very well aware of that if you look at my previous/edited comments days ago.

I was just saying that for some people like you and me downgrading alone is not enough.

patbranchaud commented 4 weeks ago

"Error: The 'cache' field on 'RequestInitializerDict' is not implemented."

"@supabase/ssr": "latest",
"@supabase/supabase-js": "^2.40.0",

Cloudflare, nextjs, next-on-pages

hf commented 2 weeks ago

You can override the fetch for the time being by passing an option to createSupabaseClient(), as this is a security measure in NextJS that likes to cache things too eagerly sometimes. We're looking into removing it when deemed safe.

Check the globals.fetch option https://supabase.com/docs/reference/javascript/initializing

evwltrs commented 2 weeks ago

@hf

I tried overriding the fetch using the example in the docs and it doesn't fix the issue on SvelteKit. I'm not exactly sure what it means to override the fetch and how I should do it on SvelteKit so some extra clarification on how to use that option to fix this issue would be amazing.

I failed to notice I was using createServerClient from /ssr, which unfortunately doesn't have this option. Would appreciate some guidance on what to do then.

yankustefan commented 2 weeks ago

Hi @hf thanks for your helpful input!

The globals.fetch override works fine with createClient, but unfortunately not with createServerClient imported from @supabase/ssr, as @evwltrs has already mentioned.

I am using:

"@supabase/ssr": "^0.3.0",
"@supabase/supabase-js": "^2.42.4",
...
"@remix-run/cloudflare": "^2.8.1",
"@remix-run/cloudflare-pages": "^2.8.1",
"wrangler": "^3.50.0"

This is the error:

AuthRetryableFetchError: The 'cache' field on 'RequestInitializerDict' is not implemented.
      at _handleRequest2 (file:///xxx/node_modules/@supabase/auth-js/src/lib/fetch.ts:188:11)
      at async _request (file:///xxx/node_modules/@supabase/auth-js/src/lib/fetch.ts:151:16)
      at null.<anonymous> (async file:///xxx/.wrangler/tmp/dev-i7rAm1/functionsWorker-0.6340959581380707.js:42787:16)
      at async SupabaseAuthClient._useSession (file:///xxx/node_modules/@supabase/auth-js/src/GoTrueClient.ts:1053:14)
      at async SupabaseAuthClient._getUser (file:///xxx/node_modules/@supabase/auth-js/src/GoTrueClient.ts:1195:14)
      at null.<anonymous> (async file:///xxx/.wrangler/tmp/dev-i7rAm1/functionsWorker-0.6340959581380707.js:42773:58)
      at null.<anonymous> (async file:///xxx/.wrangler/tmp/dev-i7rAm1/functionsWorker-0.6340959581380707.js:42685:154) {
    __isAuthError: true,
    status: 0,
    code: undefined
  }
}

And also would appreciate some guidance on this.

yankustefan commented 2 weeks ago

addition: Using older versions as @jdgamble555 mentioned, does indeed not solve the error for me. I just get another one:

AuthApiError: invalid claim: missing sub claim
evwltrs commented 2 weeks ago

@yankustefan

I downgraded to "@supabase/supabase-js": "2.39.7" and it solved the issue for me. I haven't noticed the AuthApiError.

raventos commented 1 week ago

Still getting the error on "@supabase/auth-js": "^2.64.0"

RaresAil commented 6 days ago

Works in "@supabase/supabase-js": "^2.42.7", 👏🏻