feat: Add listSessions and revokeSession methods to GoTrueClient #1042
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…lient
- Introduces two new public methods in GoTrueClient to enhance session management.
- listSessions retrieves all active sessions for the current user via a GET request to the /sessions endpoint.
- revokeSession revokes a specific session via a DELETE request to /sessions/{sessionId}. If the revoked session matches the current session, it removes the session from local storage.
- Both methods follow the existing initialization, locking, and session handling patterns.
- JSDoc comments have been added for documentation and clarity.
More context: https://github.com/orgs/supabase/discussions/34340
nicokempe
changed the title
|
I haven't looked at the details, but I'd like to +1 this. Been on my "list" for a while; good to see someone lay down some code. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Warning
The required endpoints in the supabase/auth API have not yet been added, this is currently just a concept related to https://github.com/orgs/supabase/discussions/34340.
What kind of change does this PR introduce?
This PR adds a new feature to the Supabase Auth JavaScript SDK. It introduces two new public methods —
listSessions()andrevokeSession(sessionId: string)— to theGoTrueClientclass. These methods enhance session management by allowing developers to list all active sessions for the current user and to revoke a specific session.What is the current behavior?
Currently, the SDK provides methods for sign-in, sign-out, and token refresh, but it does not expose any functionality for listing or revoking individual user sessions. Developers can only sign out of the current session or all sessions without granular control.
What is the new behavior?
listSessions(): Retrieves all active sessions for the current user via a GET request to the/sessionsendpoint. It returns a sessions array or an error if the operation fails.revokeSession(sessionId: string): Revokes a specific session by its session ID through a DELETE request to/sessions/{sessionId}. If the revoked session matches the current session, the method also clears it from local storage.Both methods follow the existing initialization, locking, and error handling patterns in
GoTrueClient, ensuring consistency and reliability with the rest of the SDK.Additional context
This enhancement addresses a common feature request for granular session management similar to what is available in other major platforms. Although this PR does not include new tests, it aligns with the SDK's established code style and behavior. Future iterations may add dedicated tests for these new methods.
Context