Skip to content

fix(auth): stop spurious sign-out on refresh (auth-lock deadlock)#116

Merged
TheAngryRaven merged 1 commit into
mainfrom
claude/login-stripe-display-bug-zKWyF
Jun 2, 2026
Merged

fix(auth): stop spurious sign-out on refresh (auth-lock deadlock)#116
TheAngryRaven merged 1 commit into
mainfrom
claude/login-stripe-display-bug-zKWyF

Conversation

@TheAngryRaven

Copy link
Copy Markdown
Owner

What

The auth bootstrap awaited supabase.rpc('has_role') inside the onAuthStateChange callback. supabase-js v2 holds the GoTrue cross-tab Web Lock (navigator.locks) for the duration of that callback, so awaiting another auth-dependent call inside it deadlocks token refresh on reload — the SDK then signs the user out.

This fixes two symptoms that were actually one bug:

  1. Logged out on refresh. On reload the SDK tries to acquire the lock to refresh the persisted token; the awaited has_role RPC is holding it → refresh hangs → SDK emits SIGNED_OUTuser is wiped.
  2. Paid plan card disappears. Downstream of Add ubx support #1: when user goes null, useSubscription clears the subscription → effective tier falls back to free → the PlanSection / paid PricingCards collapse to the free view.

Why it looked like a caching issue

  • Incognito worked because there's no persisted token to refresh, so the initial event is a clean null session — no deadlock.
  • Only a full browser restart cleared it because a contended Web Lock survives page reloads but is reset on browser restart. That's the fingerprint of a lock/session issue, not HTTP/service-worker caching.

Fix

src/contexts/AuthContext.tsx: set session/user state synchronously in the onAuthStateChange callback and defer the admin-role RPC via setTimeout(0), so no Supabase call is ever awaited while the auth lock is held. Added a guard comment to prevent reintroduction.

The other onAuthStateChange listeners were audited and are already safe (autoSync.ts voids its reconcile; AuthCallback.tsx only navigates synchronously).

Testing

  • npm run lint
  • npm run typecheck
  • npm run test:run — 801 passed ✓
  • npm run build

No automated regression test: the bug lives in a React context useEffect, the repo has no React render test infra (vitest env is node, no testing-library), and contexts/** is excluded from coverage. Standing that up was judged disproportionate for this fix — happy to add it as a follow-up if desired.

Follow-ups (not in this PR)

  • useStripePrices only re-fetches on connectivity change, not sign-in/out (mostly moot once the spurious logout is gone).
  • supabase/client.ts omits storageKey/detectSessionInUrl — defaults are fine but worth pinning if multiple Supabase projects ever share an origin.

https://claude.ai/code/session_01R4MvBAJSBCs13thbkZEXTS


Generated by Claude Code

…esh sign-out

The auth bootstrap awaited supabase.rpc('has_role') inside the
onAuthStateChange callback. supabase-js holds the GoTrue cross-tab Web Lock
(navigator.locks) for the duration of that callback, so awaiting another
auth-dependent call inside it deadlocks token refresh on reload — the SDK
then signs the user out. Downstream, useSubscription clears the subscription
when user goes null, collapsing the plan to "free" and hiding the paid plan
card. The symptom only cleared on a full browser restart because the
contended Web Lock survives page reloads.

Set session/user state synchronously in the callback and defer the role
lookup via setTimeout(0), so no Supabase call is ever awaited while the lock
is held.
@cloudflare-workers-and-pages

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs
dovesdataviewer cd26362 Commit Preview URL

Branch Preview URL
Jun 02 2026, 02:05 AM

@supabase

supabase Bot commented Jun 2, 2026

Copy link
Copy Markdown

This pull request has been ignored for the connected project tdxloldxzvnzdivdazzd because there are no changes detected in supabase directory. You can change this behaviour in Project Integrations Settings ↗︎.


Preview Branches by Supabase.
Learn more about Supabase Branching ↗︎.

@github-actions

github-actions Bot commented Jun 2, 2026

Copy link
Copy Markdown

Coverage Summary

Lines: 36.91% (2583/6997) · Statements: 36% · Functions: 30.95% · Branches: 37.52%

Per-file coverage
File Lines Functions Branches
src/components/video-overlays/dataSourceResolver.ts 84.12% 70% 79.41%
src/components/video-overlays/overlayUtils.ts 100% 100% 100%
src/components/video-overlays/registry.ts 100% 100% 100%
src/components/video-overlays/sectorUtils.ts 94.73% 100% 84.37%
src/components/video-overlays/themes.ts 100% 100% 100%
src/components/video-overlays/types.ts 0% 100% 100%
src/hooks/use-mobile.tsx 0% 0% 100%
src/hooks/use-toast.ts 0% 0% 0%
src/hooks/useAuth.ts 100% 100% 100%
src/hooks/useDataLoader.ts 15.66% 18.18% 16.32%
src/hooks/useDocumentHead.ts 0% 0% 0%
src/hooks/useEngineManager.ts 0% 0% 0%
src/hooks/useFileManager.ts 0% 0% 0%
src/hooks/useKartManager.ts 100% 100% 100%
src/hooks/useLapManagement.ts 0% 0% 0%
src/hooks/useLapSnapshots.ts 0% 0% 0%
src/hooks/useNoteManager.ts 0% 0% 0%
src/hooks/useOnlineStatus.ts 0% 0% 0%
src/hooks/usePlayback.ts 0% 0% 0%
src/hooks/useReferenceLap.ts 0% 0% 0%
src/hooks/useSessionData.ts 0% 0% 0%
src/hooks/useSessionMetadata.ts 0% 0% 0%
src/hooks/useSettings.ts 0% 0% 0%
src/hooks/useSetupManager.ts 0% 0% 100%
src/hooks/useStripePrices.ts 0% 0% 0%
src/hooks/useSubscription.ts 0% 0% 0%
src/hooks/useTemplateManager.ts 0% 0% 0%
src/hooks/useTrackEditorForm.ts 0% 0% 0%
src/hooks/useVehicleManager.ts 0% 0% 100%
src/hooks/useVideoSync.ts 0% 0% 0%
src/integrations/lovable/index.ts 0% 0% 0%
src/lib/aimParser.ts 87.96% 100% 69.13%
src/lib/alfanoParser.ts 80.46% 100% 57.48%
src/lib/billing.ts 96.55% 100% 97.36%
src/lib/billingClient.ts 0% 0% 0%
src/lib/ble/test/mockBle.ts 100% 100% 50%
src/lib/ble/battery.ts 93.33% 100% 87.5%
src/lib/ble/connection.ts 0% 0% 0%
src/lib/ble/fileTransfer.ts 90.69% 95% 72.91%
src/lib/ble/format.ts 50% 100% 66.66%
src/lib/ble/index.ts 100% 100% 100%
src/lib/ble/internal.ts 100% 100% 50%
src/lib/ble/settings.ts 93.6% 100% 85.29%
src/lib/ble/trackSync.ts 89.69% 90.9% 70.96%
src/lib/ble/types.ts 100% 100% 100%
src/lib/bleDatalogger.ts 100% 100% 100%
src/lib/brakingZones.ts 97.14% 100% 86.11%
src/lib/browserCompat.ts 0% 0% 0%
src/lib/channels.ts 100% 100% 84.61%
src/lib/chartColors.ts 100% 100% 100%
src/lib/chartUtils.ts 0% 0% 0%
src/lib/courseDetection.ts 99.01% 100% 84.14%
src/lib/datalogParser.ts 18.51% 50% 17.39%
src/lib/db/index.ts 0% 0% 0%
src/lib/db/supabaseAdapter.ts 0% 0% 0%
src/lib/db/types.ts 100% 100% 100%
src/lib/dbUtils.ts 3.03% 0% 0%
src/lib/deviceSettingsSchema.ts 93.33% 100% 96.42%
src/lib/deviceTrackSync.ts 100% 100% 90%
src/lib/doveParser.ts 89.6% 72.72% 73.63%
src/lib/dovexParser.ts 76.56% 76.92% 47.27%
src/lib/emailValidation.ts 100% 100% 100%
src/lib/engineStorage.ts 0% 0% 100%
src/lib/engineUtils.ts 100% 100% 91.66%
src/lib/fieldResolver.ts 100% 100% 83.33%
src/lib/fileBrowserTree.ts 98.78% 97.22% 89.33%
src/lib/fileStorage.ts 2.17% 0% 0%
src/lib/garageEvents.ts 100% 100% 100%
src/lib/gforceCalculation.ts 100% 100% 100%
src/lib/graphPrefsStorage.ts 0% 0% 0%
src/lib/kartStorage.ts 0% 0% 0%
src/lib/lapCalculation.ts 96.12% 100% 90.32%
src/lib/lapDelta.ts 99.2% 100% 82.08%
src/lib/lapSnapshot.ts 100% 100% 88.46%
src/lib/lapSnapshotStorage.ts 0% 0% 0%
src/lib/motecParser.ts 4.29% 3.44% 0.69%
src/lib/nmeaParser.ts 85.62% 92.85% 71.22%
src/lib/noteStorage.ts 12.5% 13.33% 0%
src/lib/overlayCanvasRenderer.ts 0% 0% 0%
src/lib/parserUtils.ts 100% 100% 98.52%
src/lib/pendingCheckout.ts 58.82% 25% 100%
src/lib/profanity.ts 100% 100% 75%
src/lib/referenceUtils.ts 100% 100% 89.28%
src/lib/setupRevision.ts 100% 100% 88.23%
src/lib/setupRevisionStorage.ts 0% 0% 0%
src/lib/setupStorage.ts 0% 0% 0%
src/lib/speedBounds.ts 94.11% 66.66% 89.18%
src/lib/speedEvents.ts 86.56% 100% 76%
src/lib/templateStorage.ts 0% 0% 0%
src/lib/trackStorage.ts 3.33% 0% 0%
src/lib/trackUtils.ts 100% 100% 100%
src/lib/ubxParser.ts 5% 0% 0%
src/lib/utils.ts 100% 100% 100%
src/lib/vboParser.ts 83.2% 100% 60.97%
src/lib/vehicleStorage.ts 0% 0% 0%
src/lib/videoExport.ts 0% 0% 0%
src/lib/videoFileStorage.ts 0% 0% 0%
src/lib/videoStorage.ts 0% 0% 0%
src/lib/weatherService.ts 0% 0% 0%
src/plugins/cloud-sync/accountDeletion.ts 0% 0% 0%
src/plugins/cloud-sync/accountExport.ts 0% 0% 0%
src/plugins/cloud-sync/activeUser.ts 25% 0% 0%
src/plugins/cloud-sync/autoSync.ts 0% 0% 0%
src/plugins/cloud-sync/cloudClient.ts 0% 0% 0%
src/plugins/cloud-sync/CloudLogsPanel.tsx 0% 0% 0%
src/plugins/cloud-sync/DataPrivacyPanel.tsx 0% 0% 0%
src/plugins/cloud-sync/exportManifest.ts 100% 100% 100%
src/plugins/cloud-sync/FileDeleteToggle.tsx 0% 0% 0%
src/plugins/cloud-sync/fileSync.ts 76.47% 45.45% 100%
src/plugins/cloud-sync/FileSyncToggle.tsx 0% 0% 0%
src/plugins/cloud-sync/index.ts 0% 0% 0%
src/plugins/cloud-sync/LapSnapshotsPanel.tsx 0% 0% 0%
src/plugins/cloud-sync/localUsage.ts 0% 0% 0%
src/plugins/cloud-sync/merge.ts 90.9% 66.66% 100%
src/plugins/cloud-sync/pendingSync.ts 0% 0% 0%
src/plugins/cloud-sync/profile.ts 0% 0% 0%
src/plugins/cloud-sync/setupRevisionTombstones.ts 0% 0% 0%
src/plugins/cloud-sync/snapshotSync.ts 0% 0% 0%
src/plugins/cloud-sync/snapshotTombstones.ts 0% 0% 0%
src/plugins/cloud-sync/StoragePanel.tsx 0% 0% 0%
src/plugins/cloud-sync/storageTypes.ts 100% 100% 100%
src/plugins/cloud-sync/storeAccessors.ts 0% 0% 0%
src/plugins/cloud-sync/syncEngine.ts 0% 0% 0%
src/plugins/cloud-sync/syncStores.ts 100% 100% 100%
src/plugins/fileSources.ts 0% 0% 100%
src/plugins/index.ts 0% 0% 0%
src/plugins/mounts.ts 71.42% 75% 100%
src/plugins/panels.ts 75% 83.33% 100%
src/plugins/PluginMount.tsx 0% 0% 0%
src/plugins/PluginPanelHost.tsx 0% 0% 0%
src/plugins/registry.ts 77.27% 50% 100%
src/plugins/storage.ts 32.25% 8.33% 33.33%
src/plugins/types.ts 100% 100% 100%
src/types/racing.ts 100% 100% 100%

@TheAngryRaven TheAngryRaven merged commit 391ea00 into main Jun 2, 2026
7 checks passed
@TheAngryRaven TheAngryRaven deleted the claude/login-stripe-display-bug-zKWyF branch June 2, 2026 02:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants