auth-js icon indicating copy to clipboard operation
auth-js copied to clipboard
verified publisher icon supabase

Auth-js does not handle Cloudflare Web server is down 521 error code correctly

Open bergerkiller opened this issue 11 months ago • 0 comments

Bug report

  • [x] I confirm this is a bug with Supabase, not with my own application.
  • [x] I confirm I have searched the Docs, GitHub Discussions, and Discord.

Describe the bug

We have supabase running behind cloudflare proxy. We discovered that when the machine is offline and cloudflare can't reach it, cloudflare responds with a "Web server is down" page, with net error code 521.

Auth-JS does not consider error code 521 auth-retryable. This causes it to delete the user's session token due to downtime of the server.

To Reproduce

  1. Host supabase behind cloudflare
  2. Stop server or stop listening on port so cloudflare considers the server down
  3. Try to resume a user sessions with auth-js

Expected behavior

Keeps retrying, does not delete the session state

Additional context

It defines error codes that are retryable here: https://github.com/supabase/auth-js/blob/master/src/lib/fetch.ts#L38

And despite the comment suggesting otherwise, code 521 does not get retried: https://github.com/supabase/auth-js/blob/master/src/lib/fetch.ts#L46

Instead it falls all the way down to error.json(), fails because cloudflare sends html not json, then gets wrapped into AuthUnknown and then session gets nuked forever.

bergerkiller avatar Jan 28 '25 14:01 bergerkiller