New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The authenticated user get logout after a hour #33
Comments
did you |
Yes i do await |
This issue happens after couples hours of login when u not has internet |
Please do a test with supabase quick start for flutter Just run the simple |
Issue is that |
Is |
Session being deleted when offline is a known issue of Supabase. Supabase lacks offline capability at the moment in general. We should implement a fix once it is fixed on js SDK, but until then, the use of this library should be with apps that you can safely assume your users are connected at all times. |
The library works as it should be. When you turn on the app again, the library will try to refresh user session if it's expired. If the device is offline, then refresh token will fail and user is log out. @iampopal what's your expectation when the device is offline and user session is expired ? |
The JWT shall Expire as it normally do supabase.auth.currentUser Shall not return null. |
Like They never logout us when we get offline The user session shall be saved and user shall not logout even the jwt expires |
We see similar behaviour in production mode even when the app is open all the time. Would it be possible to at least make the token refresh available via the API to let the client manually refresh the token when it is expired? Even better would be if the expire behaviour could be configured on the initialization. |
I found the API. await supabase.auth.api.refreshAccessToken(refreshToken); But I don't know where to get the refresh token. |
I confirmed that when the app is running, Supabase automatically refreshes the token. I think the app should be turned on again and Supabase should process the process to get a new token, but this doesn't happen automatically. I wonder what we think about this. |
@Jay-flow great find! I agree it would be great if supabase refreshes the token after opening the app. At the moment we hard refresh the token with this API on all server interactions: Supabase.instance.client.auth.refreshSession(); but we already had some scenarios where this fails too. |
@KirioXX Thx for leaving comments. That's right. As you know, It's not a perfect solution. This is because if the user does not access the app for a long time, the method will fail. Better measures are needed for this. If anyone shares a good idea about this, it will help everyone. :) |
Just to add our own experience here: Scenario:
Summary
ExamplesFirst occurrence: Second occurrence: Third occurrence: Fourth occurrence: Whilst these all seem to be getting logged out at around 7-10 days of service, there are likely 40-50 devices that have NEVER been logged out in 80 days of service. JWT is set to 1 week. |
@christrunk @KirioXX Thank you for providing additional details on this issue. This issue is the next issue we will tackle, and we hope to ship a fix sometime next week. We apologize for the inconvenience we have caused. |
I'm getting this issue. However, in my case, neither user nor session are null. Was the above merged PR supposed to resolve this? Here are my thoughts:
|
@caseycrogers could you explain this? |
The error does not seem consistent. Just now I re-ran the above and it did not crash. Perhaps sometimes the client is failing to refresh the JWT token and other times it is not? |
It'd be awesome if you could post the crash error and stacktrace in here |
Error: StackTrace:
|
I've realized that this only happens on my emulator and only happens when the emulator time is out of sync and behind the real time so I'm presuming that's the issue! |
I will close this issue as we have implemented a retry for when when the client is offline and fails to refresh the token. |
Authentication Bug
If user is not connected to internet and open app after a hour or two, the supabase.auth.user is null so the app show the login screen to user again.
To Reproduce
The text was updated successfully, but these errors were encountered: