Stojan Dimitrovski
Stojan Dimitrovski
I can vaguely see some fetch error refreshing a token twice.
Password hashing functions like bcrypt are very CPU intensive and long running. On my Apple m1 chip, it takes about 75,455 microseconds for one password hash to be generated with...
### Description PRs are being closed as "stale" but the issues they resolve are much needed! This discourages contribution. Please open up the project to more maintainers! https://github.com/gobuffalo/pop/pull/823 ### To...
Checks for no error instead of the presence of data when showing the warning about potential insecure use of `getSession()`.
`createMiddlewareClient` was basically completely broken for correctly syncing the session state between the server and browser parts of a NextJS application. It works in most situations where the user is...
Adds support for the `accessToken` option on the Supabase client which can be used to provide a third-party authentication (e.g. Auth0, Clerk, Firebase Auth, ...) access token or ID token...
Removes legacy lookups in `auth.users` for when a corresponding entry in `one_time_tokens` is not found. Phase II of the refactor, based on #1558, to be released after it's deployed for...
The `migrate` command runs migrations one at a time, stopping until the last one that could be fully and successfully completed. However, GoTrue is exclusively built with PostgreSQL in mind,...
Logging the request may leak some dangerous information such as the `Authorization` header. Adds clarification about the common cause for this error.
GoTrue enforces rate limiting even for the admin JWT, which should not be the case. See #651.