We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When you verify an OTP, the session is not persisted to localStorage, auto-refresh is not started, and the user is undefined.
I believe this is because the return payload of verifyMobileOPT is:
verifyMobileOPT
{ "access_token": "...", "expires_in": ..., "refresh_token": "...", "token_type": "bearer" }
Note that this is does not include expires_at and user.
expires_at
user
If we then look at the definition of _saveSession we can see why:
_saveSession
private _saveSession(session: Session) { this.currentSession = session this.currentUser = session.user const expiresAt = session.expires_at if (expiresAt) { const timeNow = Math.round(Date.now() / 1000) const expiresIn = expiresAt - timeNow const refreshDurationBeforeExpires = expiresIn > 60 ? 60 : 0.5 this._startAutoRefreshToken((expiresIn - refreshDurationBeforeExpires) * 1000) } // Do we need any extra check before persist session // access_token or user ? if (this.persistSession && session.expires_at) { this._persistSession(this.currentSession) } }
A couple things here:
session.user
currentUser
I expect the session signing in via verifyOTP to work the same as signing in via magic link & password
verifyOTP
The text was updated successfully, but these errors were encountered:
I was able to work around this by
api.getUser
expires_in
_saveSession(newSession)
_notifyAllSubscribers('SIGNED_IN')
This is not ideal as it relies on calling "private" functions, but it gets everything to work
Sorry, something went wrong.
I was able to work around this by Verifying the OTP Fetch the user via api.getUser Calculate expires_at from current_time & expires_in Create a new session based on the return of verifyOTP and steps 2 & 3 Manually call both _saveSession(newSession) and _notifyAllSubscribers('SIGNED_IN') This is not ideal as it relies on calling "private" functions, but it gets everything to work
@jaredramirez thanks for providing these steps! Worked for me as well.
I'm guessing this issue is also related to supabase/auth#141
Hey @jaredramirez and @dshukertjr, this issue should have been fixed sometime ago already! See here
Feel free to reopen this if it's still a problem!
No branches or pull requests
Bug report
Describe the bug
When you verify an OTP, the session is not persisted to localStorage, auto-refresh is not started, and the user is undefined.
I believe this is because the return payload of
verifyMobileOPT
is:Note that this is does not include
expires_at
anduser
.If we then look at the definition of
_saveSession
we can see why:A couple things here:
session.user
is nullcurrentUser
is set to be nullexpires_at
the auto-refresh system is never startedexpires_at
, the session is not persistedTo Reproduce
expires_at
anduser
is undefinedExpected behavior
I expect the session signing in via
verifyOTP
to work the same as signing in via magic link & passwordScreenshots
System information
Additional context
The text was updated successfully, but these errors were encountered: