Can't Retrieve/Set a User/Session: "Session from session_id claim in JWT does not exist" #503
Comments
Hey, Auth team here - thanks for the query! Do you mind expanding a little more on how the user is created? (e.g. create user via admin api, signup) Generally it should be possible to obtain a session from Supabase auth by signing in after the user is created. Let me know if there are any potential concerns that I've missed though. Lmk!
@Slumberdac I'm a little confused by your code examples above, as in one of them I can see you signing in and then immediately after you sign out. Can you provide a complete reproducible repository with the issue you are facing, as the small abstract of code you provided isn't that helpful?
Sorry for the delay, I'll try to create a basic repository as an example and come back to you.
Sorry again for the delay, but hopefully this example helps in understanding where I might have gone wrong. Just like my original issue, it is run with FastAPI. Everything should be there by following the README; please inform me if anything is wrong. https://github.com/Slumberdac/Example Thank you!
With the recent update to Supabase's auth system, trying to retrieve a user throws a 403 rather than the 401 it used to send if they have no session_id in auth.session table (for more information).
This makes it virtually impossible to retrieve a user created via the API (in my experience) because they may not have a row in the session table.
Thus no authentication can occur using access tokens, instead raising this exception:
gotrue.errors.AuthApiError: Session from session_id claim in JWT does not exist
For example, this code, which uses the access token stored in the user's cookies to get the current user for later, no longer works; the previously mentioned AuthApiError happens and current_user is never set.
This issue is making it near impossible for my project to work, and a simple return to a prior version doesn't work because its root is the previously mentioned update from Supabase.
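An added example, not code from the issue or from Supabase: one way to log which `session_id` a cookie's access token carries when the 403 above comes back, so it can be compared against the sessions table. The function names, the returned fields and the `sign_in_again` action are assumptions, and the token is constructed and unsigned.

```python
import base64
import json
import time

# Error text and status as reported in the issue above.
SESSION_MISSING = "Session from session_id claim in JWT does not exist"


def unverified_claims(token):
    """Decode a JWT payload WITHOUT verifying the signature (logging only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    try:
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
        raise ValueError("payload is not base64url-encoded JSON") from exc
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims


def diagnose(token, status, message, now=None):
    """Summarise a failed user lookup; the result is for logs, not for authz."""
    claims = unverified_claims(token)
    now = time.time() if now is None else now
    exp = claims.get("exp")
    expired = isinstance(exp, (int, float)) and exp <= now
    stale = status == 403 and SESSION_MISSING in message
    # Assumption: a missing session is handled like any unauthenticated request.
    action = "sign_in_again" if stale or expired else "investigate"
    return {"sub": claims.get("sub"), "session_id": claims.get("session_id"),
            "expired": expired, "stale_session": stale, "action": action}


def sample_token(claims):
    """Build a constructed, unsigned token for the demo (not a real credential)."""
    def b64(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([b64({"alg": "HS256", "typ": "JWT"}), b64(claims), "sig"])


if __name__ == "__main__":
    tok = sample_token({"sub": "user-1", "session_id": "sess-1", "exp": 2000})
    print(diagnose(tok, 403, SESSION_MISSING, now=1000))
```

The decoded claims are unverified, so they belong in logs only; the auth server's response remains the sole basis for treating a request as authenticated.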