Comments (6)
Be careful here. The code doesn't seem to take into account when cookies are chunked for storage.
from auth-js.
Be careful here. The code doesn't seem to take into account when cookies are chunked for storage.
@j4w8n The supabase client is a @supabase/ssr
's server client, it should be rewriting storage functions to handle this, might need some more type safety here though in case someone misses utils/supabase/server.ts.
from auth-js.
Be careful here. The code doesn't seem to take into account when cookies are chunked for storage.
@j4w8n The supabase client is a
@supabase/ssr
's server client, it should be rewriting storage functions to handle this, might need some more type safety here though in case someone misses utils/supabase/server.ts.
@Zanzofily ok. I was just going by grabbing the cookie with next stuff here and thought that might be an issue if the the session is broken into two cookies.
from auth-js.
@Zanzofily ok. I was just going by grabbing the cookie with next stuff here and thought that might be an issue if the the session is broken into two cookies.
@j4w8n You are right, I see what you mean now.
createChunks
would definitely mess up getAuthTokensFromCookies
function in my implementation. It seems that user_metadata
can cause the cookie to grow, this field doesn't belong to cookies imo.
from auth-js.
Both app_metadata
and user_metadata
can grow the JWT, it has happened to us already.
from auth-js.
Both
app_metadata
anduser_metadata
can grow the JWT, it has happened to us already.
I see. Someone opened a PR to handle this on the workaround package I created, would merge it once it's ready.
from auth-js.
Related Issues (20)
- Functions that call `_removeSession` internally do not trigger `SIGNED_OUT` event when the function fails HOT 5
- `GoTrueClient` Memory Leak HOT 24
- No recovery email sent after sign up a second time after provider login HOT 1
- Error: Permission denied to access property "then" for Firefox Extensions HOT 1
- supabase.auth.signInWithIdToken() authunknownerror when used on real ios device
- Add missing 'is_anonymous' property to the User type
- Can't get rid of getUser() warning HOT 121
- "User with this email not found" error when using generateLink HOT 9
- Google OAuth doesn't work in Safari with next-js-auth-helpers HOT 1
- New, unsigned in user can not be deleted from supabase console. HOT 1
- [email protected] breaks client auth with edge functions HOT 15
- New error code is missing in error object
- user object warning logged, even when not touching `session.user` HOT 21
- Global supabase.auth.signOut() doesn't fire the "SIGNED_OUT" event for onAuthStateChange in other instances where a user is logged in HOT 5
- Current session lost when auth function call fails
- Impossible to check null session without getSession warning HOT 9
- `getSession` should validate the session with the JWT_SECRET HOT 2
- getAuthenticatorAssuranceLevel() triggers "getSession() could be insecure" warnings HOT 1
- PKCE flow issue with other than supabase `code` query in URL
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from auth-js.