-
-
Notifications
You must be signed in to change notification settings - Fork 232
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
signOut
does not clear storage when session is invalid
#778
Comments
This is causing a big bug for me. If a user deletes their account, the app still thinks they're logged in. If they want to create a new account, I have to tell them to uninstall and re-install the app. This has resulted in my app receiving negative feedback. Please can the supabase team look into this urgently? |
I'm having the same issue, the signOut function doesn't work when the token has expired or when i close the session in other device. |
I found a temp solution, you need to create a route handler and if the logout failed, you can redirect to this route: /auth/signout
` const supabase = createClient(); if (error) {
}` |
This is my current mitigation by forcibly removing all cookies when
|
hi @chaichontat, which version of supabase-js are you on? we fixed this in supabase/auth-js#894 |
Bug report
Describe the bug
supabase.auth.signOut
does not remove storage/cookies when a session has been revoked. This meant the client retains a session and a (potentially) unexpired JWT.This is a known issue in different
auth
repos and is recently fixed inauth-js
: supabase/auth-js#894.supabase/auth#1550
supabase/auth#1518
https://github.com/orgs/supabase/discussions/9327
To Reproduce
Steps to reproduce the behavior, please provide code snippets or a repository:
auth
table using the supabase console.supabase.auth.signOut
returnserror: AuthApiError: Session from session_id claim in JWT does not exist
and does not clear storage or cookies.Expected behavior
supabase.auth.signOut
should clear storage/cookies regardless of return from the supabase server.System information
The text was updated successfully, but these errors were encountered: