forked from supabase/supabase-flutter
/
supabase_auth.dart
311 lines (270 loc) · 9.58 KB
/
supabase_auth.dart
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
import 'dart:async';
import 'package:app_links/app_links.dart';
import 'package:flutter/foundation.dart';
import 'package:flutter/material.dart';
import 'package:flutter/services.dart';
import 'package:supabase_flutter/supabase_flutter.dart';
import 'package:url_launcher/url_launcher.dart';
// ignore_for_file: invalid_null_aware_operator
/// SupabaseAuth
class SupabaseAuth with WidgetsBindingObserver {
SupabaseAuth._();
static final SupabaseAuth _instance = SupabaseAuth._();
bool _initialized = false;
late LocalStorage _localStorage;
/// The [LocalStorage] instance used to persist the user session.
LocalStorage get localStorage => _localStorage;
/// {@macro supabase.localstorage.hasAccessToken}
Future<bool> get hasAccessToken => _localStorage.hasAccessToken();
/// {@macro supabase.localstorage.accessToken}
Future<String?> get accessToken => _localStorage.accessToken();
/// Returns when the initial session recovery is done.
///
/// Can be used to determine whether a user is signed in upon initial
/// app launch.
Future<Session?> get initialSession => _initialSessionCompleter.future;
final Completer<Session?> _initialSessionCompleter = Completer();
/// **ATTENTION**: `getInitialLink`/`getInitialUri` should be handled
/// ONLY ONCE in your app's lifetime, since it is not meant to change
/// throughout your app's life.
bool _initialDeeplinkIsHandled = false;
String? _authCallbackUrlHostname;
GotrueSubscription? _authSubscription;
final _listenerController = StreamController<AuthChangeEvent>.broadcast();
StreamSubscription<Uri?>? _deeplinkSubscription;
final _appLinks = AppLinks();
/// Listen to auth change events.
///
/// ```dart
/// SupabaseAuth.instance.onAuthChange.listen((event) {
/// // Handle event
/// });
/// ```
///
/// A new event is fired when:
///
/// * the user is logged in
/// * the user signs out
/// * the user info is updated
/// * the user password is recovered
Stream<AuthChangeEvent> get onAuthChange => _listenerController.stream;
/// A [SupabaseAuth] instance.
///
/// If not initialized, an [AssertionError] is thrown
static SupabaseAuth get instance {
assert(
_instance._initialized,
'You must initialize the supabase instance before calling Supabase.instance',
);
return _instance;
}
/// Initialize the [SupabaseAuth] instance.
///
/// It's necessary to initialize before calling [SupabaseAuth.instance]
static Future<SupabaseAuth> initialize({
LocalStorage localStorage = const HiveLocalStorage(),
String? authCallbackUrlHostname,
}) async {
try {
_instance._initialized = true;
_instance._localStorage = localStorage;
_instance._authCallbackUrlHostname = authCallbackUrlHostname;
_instance._authSubscription =
Supabase.instance.client.auth.onAuthStateChange((event, session) {
_instance._onAuthStateChange(event, session);
if (!_instance._listenerController.isClosed) {
_instance._listenerController.add(event);
}
});
await _instance._localStorage.initialize();
final hasPersistedSession =
await _instance._localStorage.hasAccessToken();
if (hasPersistedSession) {
final persistedSession = await _instance._localStorage.accessToken();
if (persistedSession != null) {
final response = await Supabase.instance.client.auth
.recoverSession(persistedSession);
final error = response.error;
if (error != null) {
Supabase.instance.log(response.error!.message);
if (!_instance._initialSessionCompleter.isCompleted) {
_instance._initialSessionCompleter.completeError(error);
}
}
if (!_instance._initialSessionCompleter.isCompleted) {
_instance._initialSessionCompleter.complete(response.data);
}
}
}
WidgetsBinding.instance?.addObserver(_instance);
_instance._startDeeplinkObserver();
if (!_instance._initialSessionCompleter.isCompleted) {
// Complete with null if the user did not have persisted session
_instance._initialSessionCompleter.complete(null);
}
return _instance;
} catch (error, stacktrace) {
if (!_instance._initialSessionCompleter.isCompleted) {
_instance._initialSessionCompleter.completeError(error, stacktrace);
}
rethrow;
}
}
/// Dispose the instance to free up resources
void dispose() {
_listenerController.close();
_authSubscription?.data?.unsubscribe();
_stopDeeplinkObserver();
WidgetsBinding.instance?.removeObserver(this);
}
@override
void didChangeAppLifecycleState(AppLifecycleState state) {
switch (state) {
case AppLifecycleState.resumed:
_recoverSupabaseSession();
break;
case AppLifecycleState.inactive:
break;
case AppLifecycleState.paused:
break;
case AppLifecycleState.detached:
break;
}
}
/// Recover/refresh session if it's available
/// e.g. called on a Splash screen when app starts.
Future<bool> _recoverSupabaseSession() async {
final bool exist =
await SupabaseAuth.instance.localStorage.hasAccessToken();
if (!exist) {
return false;
}
final String? jsonStr =
await SupabaseAuth.instance.localStorage.accessToken();
if (jsonStr == null) {
return false;
}
final response =
await Supabase.instance.client.auth.recoverSession(jsonStr);
if (response.error != null) {
SupabaseAuth.instance.localStorage.removePersistedSession();
return false;
} else {
return true;
}
}
void _onAuthStateChange(AuthChangeEvent event, Session? session) {
Supabase.instance.log('**** onAuthStateChange: $event');
if (event == AuthChangeEvent.signedIn && session != null) {
Supabase.instance.log(session.persistSessionString);
_localStorage.persistSession(session.persistSessionString);
} else if (event == AuthChangeEvent.signedOut) {
_localStorage.removePersistedSession();
}
}
/// if _authCallbackUrlHost not init, we treat all deeplink as auth callback
bool _isAuthCallbackDeeplink(Uri uri) {
if (_authCallbackUrlHostname == null) {
return true;
} else {
return _authCallbackUrlHostname == uri.host;
}
}
/// Enable deep link observer to handle deep links
void _startDeeplinkObserver() {
Supabase.instance.log('***** SupabaseDeepLinkingMixin startAuthObserver');
_handleIncomingLinks();
_handleInitialUri();
}
/// Stop deep link observer
///
/// Automatically called on dispose().
void _stopDeeplinkObserver() {
Supabase.instance.log('***** SupabaseDeepLinkingMixin stopAuthObserver');
_deeplinkSubscription?.cancel();
}
/// Handle incoming links - the ones that the app will recieve from the OS
/// while already started.
void _handleIncomingLinks() {
if (!kIsWeb) {
// It will handle app links while the app is already started - be it in
// the foreground or in the background.
_deeplinkSubscription = _appLinks.uriLinkStream.listen(
(Uri? uri) {
if (uri != null) {
_handleDeeplink(uri);
}
},
onError: (Object err) {
_onErrorReceivingDeeplink(err.toString());
},
);
}
}
/// Handle the initial Uri - the one the app was started with
///
/// **ATTENTION**: `getInitialLink`/`getInitialUri` should be handled
/// ONLY ONCE in your app's lifetime, since it is not meant to change
/// throughout your app's life.
///
/// We handle all exceptions, since it is called from initState.
Future<void> _handleInitialUri() async {
if (_initialDeeplinkIsHandled) return;
_initialDeeplinkIsHandled = true;
try {
final uri = await _appLinks.getInitialAppLink();
if (uri != null) {
_handleDeeplink(uri);
}
} on PlatformException catch (err) {
_onErrorReceivingDeeplink(err.message ?? err.toString());
// Platform messages may fail but we ignore the exception
} on FormatException catch (err) {
_onErrorReceivingDeeplink(err.message);
} catch (err) {
_onErrorReceivingDeeplink(err.toString());
}
}
/// Callback when deeplink receiving succeeds
Future<void> _handleDeeplink(Uri uri) async {
if (!_instance._isAuthCallbackDeeplink(uri)) return;
Supabase.instance.log('***** SupabaseAuthState handleDeeplink $uri');
// notify auth deeplink received
Supabase.instance.log('onReceivedAuthDeeplink uri: $uri');
await _recoverSessionFromUrl(uri);
}
Future<void> _recoverSessionFromUrl(Uri uri) async {
// recover session from deeplink
final response = await Supabase.instance.client.auth.getSessionFromUrl(uri);
if (response.error != null) {
Supabase.instance.log(response.error!.message);
}
}
/// Callback when deeplink receiving throw error
void _onErrorReceivingDeeplink(String message) {
Supabase.instance.log('onErrorReceivingDeppLink message: $message');
}
}
extension GoTrueClientSignInProvider on GoTrueClient {
/// Signs the user in using a thrid parties providers.
///
/// See also:
///
/// * <https://supabase.io/docs/guides/auth#third-party-logins>
Future<bool> signInWithProvider(
Provider provider, {
AuthOptions? options,
}) async {
final res = await signIn(
provider: provider,
options: options,
);
final url = Uri.parse(res.url!);
final result = await launchUrl(
url,
mode: LaunchMode.externalApplication,
webOnlyWindowName: '_self',
);
return result;
}
}