supabase-py

failed to get_session after create_client by access_token as supabase_key

Open AtticusZeller opened this issue 2 years ago • 5 comments

Describe the bug

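```python
import logging

from fastapi import HTTPException  # assumed: the snippet is a FastAPI dependency
from supabase._async.client import AsyncClient, create_client
from supabase.lib.client_options import ClientOptions

# settings and AccessTokenDep are defined elsewhere in the project (not shown)


# access_token comes from AuthResponse.session.access_token, obtained by signing in elsewhere
async def get_db(access_token: AccessTokenDep) -> AsyncClient:
    client: AsyncClient | None = None
    try:
        client = await create_client(
            settings.SUPABASE_URL,
            access_token,
            options=ClientOptions(
                postgrest_client_timeout=10, storage_client_timeout=10
            ),
        )
        session = await client.auth.get_session()
        # client.postgrest.auth(token=access_token)
        user = await client.auth.get_user()
        yield client
    except Exception as e:
        logging.error(e)
        # detail must be JSON-serializable, so pass the message rather than the exception object
        raise HTTPException(status_code=401, detail=str(e))
    finally:
        if client:
            await client.auth.sign_out()
```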

session = await client.auth.get_session(): session is None unless I signed in with password etc.

In short, it should be able to recognize the access token from the front_end after signing in; create_client with the access token as supabase_key should work for it.

To Reproduce just called

```python
async def create_client(
    supabase_url: str,
    supabase_key: str,
    options: ClientOptions = ClientOptions(),
) -> AsyncClient:
    ...
    return await AsyncClient.create(
        supabase_url=supabase_url, supabase_key=supabase_key, options=options
    )
```

```python
# method of class AsyncClient
@classmethod
async def create(
    cls,
    supabase_url: str,
    supabase_key: str,
    options: ClientOptions = ClientOptions(),
):
    client = cls(supabase_url, supabase_key, options)
    client._auth_token = await client._get_token_header()
    return client
```

Add a breakpoint at client._auth_token = await client._get_token_header() and you will find that client._auth_token is set to None!!!, which means the @property def postgrest(self): cannot be initialized correctly by the access_token.

```python
self._auth_token = {
    "Authorization": f"Bearer {supabase_key}",
}
```

**Expected behavior**
```python
async def _get_token_header(self):
    try:
        session = await self.auth.get_session()
        access_token = session.access_token
    except Exception as err:
        access_token = self.supabase_key

    return self._create_auth_header(access_token)
```

client._auth_token = await client._get_token_header(): the first time, after calling get_session(), it should return the correct session, like client.auth.get_user(jwt); it works.

Desktop (please complete the following information):

  • OS: win
  • Version v 2.3.3

Jan 12 '24 15:01 AtticusZeller

> before v2.3.3, there is no client._auth_token = await client._get_token_header()

This isn't correct as we introduced this before 2.3.3. Also the reproducible steps you've provided aren't complete. Please create a full reproducible example as it's really hard to debug with partials. Also note I have 2.3.3 running in multiple demos.

The quoted functionality has been there since 2.2.0 https://github.com/supabase-community/supabase-py/blob/v2.2.0/supabase/_async/client.py#L94-L103

Jan 12 '24 19:01 silentworks

Also note get_session() would return null either way since you aren't technically signed in, you're just passing the user's access token to the client. You would probably have to call set_session() in order to get a value back when calling get_session().

Jan 12 '24 19:01 silentworks
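
The behaviour described in the comment above, as an added example that is not part of the original thread and is not supabase-py code: a simplified in-memory model of the `_get_token_header` fallback quoted in the issue. `FakeAuth`, `ModelClient`, `demo` and the token strings are constructed for illustration, and the real `set_session()` does more than store the tokens.

```python
import asyncio
from dataclasses import dataclass
from typing import Optional


@dataclass
class Session:
    access_token: str
    refresh_token: str


class FakeAuth:
    """Constructed stand-in for client.auth; makes no network calls."""

    def __init__(self) -> None:
        self._session: Optional[Session] = None

    async def get_session(self) -> Optional[Session]:
        return self._session  # None until a session has been stored

    async def set_session(self, access_token: str, refresh_token: str) -> None:
        self._session = Session(access_token, refresh_token)


class ModelClient:
    """Models only the header logic quoted in the issue (assumption, not library code)."""

    def __init__(self, supabase_key: str) -> None:
        self.supabase_key = supabase_key
        self.auth = FakeAuth()

    async def _get_token_header(self) -> dict:
        try:
            session = await self.auth.get_session()
            access_token = session.access_token  # AttributeError when session is None
        except Exception:
            access_token = self.supabase_key  # fallback quoted in the issue
        return {"Authorization": f"Bearer {access_token}"}


async def demo(user_jwt: str, refresh: str) -> tuple:
    client = ModelClient(supabase_key=user_jwt)  # the reporter's setup
    before = (await client.auth.get_session(), await client._get_token_header())
    await client.auth.set_session(user_jwt, refresh)
    after = (await client.auth.get_session(), await client._get_token_header())
    # The header is the same both times; only get_session() changes.
    return before + after


if __name__ == "__main__":
    print(asyncio.run(demo("constructed.user.jwt", "constructed-refresh")))
```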

Sorry to bother u! I think I was too sleepy yesterday and misunderstood the version 🌹 I got it, thanks! ur correct: after just passing the access_token, calling get_session() should return None.

Also there's no description in the web doc about get_session(), maybe should add more.

And can we pass only access_token to set_session()? The doc said they should be passed together; I did test and it's true in the project. GPT4 always warns that it's not safe to pass the refresh token every time 😂, we hope to be able to recognize the user session by only the access token from the front_end 🫶

If we can achieve that, then could we create_client() via access_token as supabase_key? Let get_session() work by just passing it, which is suitable for a front-end and back-end separation project, I think.

Jan 13 '24 01:01 AtticusZeller

@Atticuszz these are very good ideas, I'm going to add them to the list of things to get done and add them in when I get a chance or you can create a PR if you wish and I'll get them reviewed.

Jan 14 '24 10:01 silentworks

This PR should have resolved this issue https://github.com/supabase-community/supabase-py/pull/766.

Apr 28 '24 21:04 silentworks

Closing this out as I believe it has been resolved.

May 22 '24 20:05 silentworks