-
-
Notifications
You must be signed in to change notification settings - Fork 148
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Requests made when a JWT token expires always fail (Supabase v2) #487
Comments
Good question: curious about this too |
Hey we're tracking this issue internally. We did some changes to the way expiration is handled in v2 (i.e. removed a safety margin that was previously there). But I think it's time to bring it back now, as it clearly is not behaving as well as we hoped. I'll submit a PR right now. |
@hf okay thanks! When you submit the PR, could you please link it here? Would love to test it and give feedback (and maybe switch to the PR branch if it fixes it). For context, this is causing data loss for our users where they make an action on the app and don't see it reflected once they refresh/reopen/etc |
This is the PR (that was contributed by another member of the community a few days ago). #482 |
If you could leave your review on it that would be great since it's going to take at least one day before we can deploy a fix to this. |
Hey @alexreyes, just sanity checking -- you're setting the JWT expiry to 5 seconds only to test this behavior right? We don't recommend setting an expiry time of less than 2-3 minutes on it, except for testing purposes like this. |
Yup, it’s just for testing. Normally I set the expiry to 1 hour
…On Fri, Oct 14, 2022 at 12:22 PM Stojan Dimitrovski < ***@***.***> wrote:
Hey @alexreyes <https://github.com/alexreyes>, just sanity checking --
you're setting the JWT expiry to 5 seconds only to test this behavior
right? We don't recommend setting an expiry time of less than 2-3 minutes
on it, except for testing purposes like this.
—
Reply to this email directly, view it on GitHub
<#487 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABVRBXOYXTIYYFF5TLSFYRTWDGXGZANCNFSM6AAAAAARERAIDM>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
@hf I tried it, and I still had the same problem of the request failing because of JWT expiry when using the changes linked in the PR. Do you have any other ideas what might be causing this? |
That's unfortunate...
It's difficult to tell since the auto refresh code is a bit messy. I guess we have to do a refactor of ti sooner. |
I ended up figuring out why this bug was happening! Turns out, it had nothing to do with Supabase and instead was due to the way react renders things. The situation: I am updating the JWT token in a useEffect() in the context file for my project. There are times when the JWT token updates in the context, and this updated token isn't being passed down and reflected in the child component where the API request is made. The solution: I use |
That's reassuring because we were discussing about finding some time to squeeze a refactor of the auto refresh code. 😅 |
Bug report
Describe the bug
Making a request right when a JWT token expires results in a
400: JWT expired
error on React Native iOS. This only happens exactly as the token is expiring, and subsequent requests seem to work.I think this might also be causing the random logging out issues as well.
To Reproduce
Steps to reproduce the behavior, please provide code snippets or a repository:
NOTE: making a second request after getting the JWT expired error later results in that second request working.
Expected behavior
I would expect the token to be refreshed before making the request and the request to work fine.
Screenshots
System information
Additional context
The text was updated successfully, but these errors were encountered: