supabase icon indicating copy to clipboard operation
supabase copied to clipboard

Published 20 hours ago verified publisher icon nuxt-modules

Having ?code= in the URL logs out users

Open jetlej opened this issue 2 years ago • 3 comments

Version

@nuxtjs/supabase: 1.1.2 nuxt: 3.7.0

Steps to reproduce

Add a ?code= parameter to any URL while logged in

What is actually happening?

A POST request is sent to https://[id].supabase.co/auth/v1/token?grant_type=pkce, which returns a 403 FORBIDDEN, and then logs the user out.

I'm using the Google API, which must return a ?code URL parameter.

Screenshot 2023-10-07 at 9 41 37 AM

jetlej avatar Oct 07 '23 13:10 jetlej

Hey @jetlej, any news on this?

vachmara avatar May 15 '24 10:05 vachmara

To avoid this behavior, I forked @supabase/auth-js to customize the _isPKCEFlow function and exclude some page of my app.

This is temporary until I submit a better flow for PR. If you have any idea on this @jetlej, happy to discuss.

vachmara avatar May 22 '24 17:05 vachmara