Stojan Dimitrovski
Stojan Dimitrovski
Today refresh tokens are stored _raw_ in the database. Should the database be stolen, leaked or misused by an external or internal party, it would be nearly trivial to issue...
Not sure what's wrong with this code... but it doesn't work. There appears to be an official function (although experimental) within ethers: https://docs.ethers.io/v5/single-page/#/v5/api/signer/-#-Signer-signTypedData
Build was missing for some reason. 😱
When the access token (JWT) contains a `session_id` property which does not correspond to a row in the `sessions` table, it means that the user has been signed out or...
A long-standing bug has been that when autoconfirm is on (should have been named "allow sign up without verifying email") it would set the `email_confirmed_at` column to the timestamp of...
Fixes #1589.
Fixes issue with parsing the `CacheDuration` and `ValidUntil` attributes of `EntitiesDescriptor`. This was fixed on `EntityDescriptor` but seems to have been left out here. It's causing crashes. See: - https://github.com/supabase/auth/issues/1697
Adds a new config syntax that allows more flexible rate limiting configuration for the `GOTRUE_RATE_LIMIT_EMAIL_SENT`, `GOTRUE_RATE_LIMIT_SMS_SENT` configs. It can be added in follow up PRs to the other configs. It's...
Makes it easy to see the error code behind an API Gateway log entry. Example: