https://supabase.com/ logo
Join Discord
Powered by
# gotrue
  • j

    jaitaiwan

    07/26/2022, 11:56 AM
    inviteUserByEmail creates a new user by email :/
  • i

    ilbert

    07/26/2022, 11:59 AM
    This way I get two user ids for the same user, which is not what I'd like to have
  • i

    ilbert

    07/26/2022, 12:39 PM
    @jaitaiwan maybe using the
    update
    function and then calling
    sendMagicLinkEmail
    with
    shouldCreateUser=false
    could work?
  • j

    jaitaiwan

    07/26/2022, 12:54 PM
    That could work!
  • g

    garyaustin

    07/26/2022, 12:57 PM
    Sorry to jump in but at least per doc using update does send conf email. https://supabase.com/docs/reference/javascript/auth-update
  • j

    jaitaiwan

    07/26/2022, 2:17 PM
    How did I miss that?! Thanks @garyaustin
  • i

    ilbert

    07/26/2022, 5:39 PM
    Thanks! I'll give it a try and let you know πŸ™‚
  • a

    abaum

    07/27/2022, 8:03 PM
    I just saw the new (or at least new to me!) auth setting for reuse interval. from the docs, it sounds like it's
    REFRESH_TOKEN_REUSE_INTERVAL
    and that it only applies if
    REFRESH_TOKEN_ROTATION_ENABLED
    is true. I'm not on a self-hosted server, so is it safe to assume that
    REFRESH_TOKEN_ROTATION_ENABLED
    is defaulted to true for me? as a follow up, I was a bit confused by the docs that said:
    The reuse interval for a refresh token allows for exchanging the refresh token multiple times during the interval to support concurrency or offline issues.
    my understanding was (loosely) that refresh tokens would not expire, and would only be revoked on logout or if the client attempts to use one. would this setting primarily be helpful if there were multiple separate attempts to refresh using the same token? or is there a different edge case that this is addressing? just trying to wrap my head around what it does and if we would want it enabled (I assume yes). relevant docs that I found are here, there might be others that I'm missing: https://supabase.com/docs/reference/tools/reference-auth thanks!
  • i

    ilbert

    07/29/2022, 7:25 AM
    Using the
    update
    function I'm getting this error from js client:
    Copy code
    error: { message: 'Error sending change email', status: 500 }
    and this is the log in gotrue:
    Copy code
    level=error msg="500: Error sending change email" component=api error="gomail: could not send email 1: gomail: invalid address \"\": mail: no address" method=PUT path=/user referer= remote_addr="192.168.123.5:37394" request_id=507417c7-139d-4ebd-ac2d-979cd6349976
    But the email confirmation sometimes arrives πŸ€” I can confirm that the SMTP server is working (I'm using Mailgun), because if I try to signup with email/password, it doesn't give any error
  • i

    ilbert

    07/29/2022, 7:31 AM
    @garyaustin also, verifying email at address
    http://localhost:8000/auth/v1/verify?token=muMSGs3Z9f0N98BAHpc1MQ&type=email_change&redirect_to=http://localhost:3000
    gives me error:
    error_code=404&error_description=User+not+found
  • i

    ilbert

    07/29/2022, 8:06 AM
    @garyaustin managed to solve it by setting
    GOTRUE_MAILER_SECURE_EMAIL_CHANGE_ENABLED: "false"
    , which disables double verification (verifies both old, which in my case does not exist, and new email). The problem is that this env variable is not documented anywhere, neither at https://supabase.com/docs/reference/tools/reference-auth nor at https://github.com/supabase/gotrue. I found it only at https://github.com/supabase/gotrue/blob/master/example.env#L38
  • i

    ilbert

    07/29/2022, 9:41 AM
    Opened a PR to document this and was just merged 😎 https://github.com/supabase/supabase/pull/7948
  • t

    trebor

    08/03/2022, 5:18 PM
    anyone have experience developing a supabase setup locally with a forked version of gotrue?
  • t

    trebor

    08/03/2022, 8:24 PM
    I am currently trying to do this by forking supabase/supabase and using a local fork of gotrue-js via npm link.
  • u

    user

    08/05/2022, 4:50 AM
    Yoooo
  • u

    user

    08/05/2022, 4:50 AM
    Running into http://localhost:3000/?error=server_error&error_description=Error+getting+user+email+from+external+provider from twitter oauth, has this been resolved by anyone?
  • u

    user

    08/05/2022, 4:50 AM
    The twitter acc does have an email linked
  • j

    jensen

    08/08/2022, 12:05 AM
    Ive only made local edits to the gotrue server code.
  • j

    jensen

    08/08/2022, 12:06 AM
    I had to make changes so that the access token is available to the redirect url. This way I can do real server side auth without onAuthChange. Progressive enhancement doesn’t work so well with when we have to run JS to auth.
  • y

    Yeehawlerz101

    08/09/2022, 2:18 PM
    hey there I'm wanting to get all of the users in the auth table that has not signed it and then resend them the confirmation email. is there anyway to do this semi-easily? I know I can get the confirmation token so i should worse case senario be able to create the email that supabase creates and send that as a link that somone would be able to click on and authorize their account.
    (using the js version btw)
  • t

    Tadasajon

    08/09/2022, 2:24 PM
    I want to build multiple apps using Supabase as backend for all of them -- but I don't want to duplicate the auth for my users. Can I set it up so that I get all the benefits of row-level security across all my apps but the auth is shared between them and I don't have duplicate user accounts?
  • m

    madsbuch

    08/09/2022, 3:11 PM
    It seems like we have a user that receives a recovery email when she tries to login using magic link (by just supplying email to the
    signIn
    function). Is there anycase where this should happen?
  • s

    stojan

    08/09/2022, 9:01 PM
    hey, not that I'm aware of... can you elaborate a bit more?
  • s

    stojan

    08/09/2022, 9:02 PM
    not at this time, unfortunately... but we're looking into different types of SSO and multi-tenancy use-cases, so watch this space
  • s

    stojan

    08/09/2022, 9:03 PM
    that's a great suggestion! I don't believe this is a standard feature at this time, tho
  • k

    kasvith

    08/10/2022, 6:27 PM
    does supabase link accounts with same email automatically? i.e: I created an account with email/pass then i try to login with gmail with same email...does supabase link them internally and issue same user id?
  • g

    garyaustin

    08/10/2022, 6:42 PM
    In general yes, various provider accounts are linked by the same email with the same user id. In testing awhile back (see links) this worked with email/password also, with some strangeness. I've seen no further updates on this, but have not done an exhaustive search. https://github.com/supabase/supabase/discussions/5827#discussioncomment-2305049 https://github.com/supabase/supabase/discussions/6811 These are a bit older, so maybe there has been progress.
  • k

    kasvith

    08/10/2022, 6:48 PM
    thanks this should be in the docs i think πŸ™‚
  • g

    garyaustin

    08/10/2022, 6:50 PM
    You could raise a doc issue in Supabase/supabase github. I've not searched to see if anyone ever has, but don't recall seeing it.
  • o

    Olyno

    08/11/2022, 1:14 PM
    ============================= Channel locked. Please ask in #1006358244786196510. =============================