auth-js
auth-js copied to clipboard
don't send expired JWTs
We might want to verify the JWT expiry date locally before sending to the server to query for data, then if there's a refresh_token
stored locally we might be able to refresh it before making the request, or otherwise triggering a listenable event on the client
related: https://github.com/supabase/supabase/discussions/889 related: https://github.com/supabase/supabase-js/issues/178
First-time contributor here, I'd be happy to take a look at this if it's up for grabs
Having a look now, thinking of putting the checks in SupabaseClient in the _getAuthHeaders method as a starting point to check on client initialization then opening PRs to the GoTrue, PostgREST, Realtime, and Storage clients to check per request. Would that work @awalias?
+1 for this. During development I've noticed some issues where if the Chrome engine is inactive for a little bit (say, your comp was on standby) but the tab is still open, I can only assume my JWT will have expired, as I can't query rows. After a little bit, it "fixes" itself, but this is a little annoying to handle as it should be handled as part of the library.
It's beyond annoying to always be logged out of supabase apps, including the supabase dashboard.
Yeah, second this
I think this is fixed now with v2. Congratulations supabase team 👏