Stojan Dimitrovski

Please avoid relying on the sequence of events fired in the `onAuthStateChange` callback as the order is never guaranteed. You can always use [`getSession()`](https://supabase.github.io/gotrue-js/v2/classes/GoTrueClient.html#getSession) to safely access the latest access...

Closing for lack of activity and I think this has already been taken care of with the release of v2.

Please review our latest docs on [server side rendering](https://supabase.com/docs/guides/auth/server-side-rendering). Re-open the issue or continue the discussion if you have further questions.

There has been a lot of changes with respect to [server side rendering](https://supabase.com/docs/guides/auth/server-side-rendering) in v2 of the library, which should address this issue.

Hey we're going to be considering a change in the API for the next major version. Thank you for the feedback!

> > Seems like this is possible by using a view: > > ```sql > > create view public.users as select * from auth.users; > > revoke all on public.users...

Closing this issue as we're not going to be exposing `auth.users` to the public at all -- there's some very sensitive data there like the password hash and other things....

Thank you for this contribution, however the library has advanced quite a bit.

Hey @roker15 this sounds like a problem with your RLS policies. Please open a [support ticket](https://app.supabase.com/support/new) if you need assistance.

This is intentional behavior since tabs can be forgotten for a very long time in certain cases, and when you come back to the tab the user is effectively "signed-in"...