-
-
Notifications
You must be signed in to change notification settings - Fork 6.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
getUser() does not work in new SSR package from Next.js API routes #26249
Comments
We're also experiencing problems that in our middleware, We're on |
I was able to peice together a solution following this blog post https://jonmeyers.io/blog/forwarding-cookies-from-server-components-to-route-handlers-with-next-js-app-router How ever i was not able to manually create a session with the tokens from an api route. I think this is still a bug and so I will not close this issue EDIT: Setting an environment variable in the next.config for every route also does not work to pass into the headers. setting it for every route would leak api keys to all requests |
I came up with an ok solution it is not perfect but it works. This uses
The solution in my previous comment does not work due to not being able to modify the |
Did your try step 4 from the Supabase guide? The "updateSession" function might be the thing you're looking for maybe? |
Bug report
https://discord.com/channels/839993398554656828/1239573574214357033
Describe the bug
I have recently started updating some of my SaaS projects to use the new SSR package. Apon my first update I noticed many of my API routes broke.
I use Next.js 14 app router with routeHandlers for handling all my data.
YES I call
await supabase.auth.getUser();
in the middlewareI use the
supabase.auth.getUser()
function to retrieve the user before doing anything within an api route. This allows me to validate they are logged in and have correct access.The session exists in every other instance of the package. serverActions, client, and server components. It is only API routes that are effected.
I have even tried to pass both the
access_token
andrefresh_token
to the api route and usesetSession
apon next attempting to use supabase it does not work even within the same api route.Code
getUserInfo simply should return the user info in our system
To Reproduce
Steps to reproduce the behavior, please provide code snippets or a repository:
getUser()
within the api route. It will get a userExpected behavior
Calling
getUser()
should perform as it did in go-true it should always return the currently logged in user if they exist.System information
Additional context
I have tried multiple different ways to go about this including manipulation the session manually. I would expect
getUser
to just work as it didThe text was updated successfully, but these errors were encountered: