gotrue-swift icon indicating copy to clipboard operation
gotrue-swift copied to clipboard

Published 20 hours ago verified publisher icon supabase-community

Auth sessions don't automatically refresh

Open MilesV64 opened this issue 2 years ago • 2 comments

Bug report

Describe the bug

When calling try await client.auth.session, it often throws GoTrue.GoTrueError.APIError(message: nil, msg: nil, code: nil, error: Optional("invalid_grant"), errorDescription: Optional("Invalid Refresh Token: Refresh Token Not Found") and I need to manually sign in again. This happens quite often and is undesirable behavior in a production iOS app, as the user should not have to sign back in so often.

To Reproduce

  1. Sign in with OTP sms
  2. Make plenty of authenticated server requests like so:
do {
    let session = try await self.supabaseClient.auth.session
    let accessToken = session.accessToken
    // Pass accessToken in http authorization header to custom server endpoint
}
  1. Eventually, after a day or so, the auth session will start throwing the refresh token error.

Expected behavior

The user should not have to log in again ever on iOS, unless they log out themselves. Meaning if you have logged in, try await client.auth.session should always refresh itself and give a valid session assuming no other errors.

System information

  • OS: [iOS 16.4.1]
  • Version of gotrue-swift: [e.g. 1.1.0]
  • Version of supabase-swift: [e.g. 0.2.1]

MilesV64 avatar Apr 20 '23 16:04 MilesV64

Curious if this is happening to anyone else? This may be a supabase auth server bug, but every time the session attempts to refresh I get this error.

MilesV64 avatar Aug 17 '23 21:08 MilesV64

it is happening to me for SignInWithOTP via email as well. Session expires but doesn't retrieve new ones.

pradeepb28 avatar Oct 27 '23 07:10 pradeepb28