https://supabase.com/ logo
Join DiscordCommunities
Powered by
Geeze I can absolutely not get RedirectTo working ...
# help
c
Geeze I can absolutely not get RedirectTo working in C# for magic links. I've got Additional redirect URLs copied identically to what I'm passing as RedirectTo, but it still just falls back to the site URL. If I manually change the magic link's redirect, I just get a 'User not found' message
n
Hello @chops! This thread has been automatically created from your message in #843999948717555735 a ``few seconds ago``. Pinging @User so that they see this as well! Want to unsubscribe from this thread? Right-click the thread in Discord (or use the ... menu) and select Leave Thread to unsubscribe from future updates. Want to change the title? Use the 
/title
command! We have solved your problem? Click the button below to archive it.
c
Which, User not found is pretty obvious, because GoTrue doesn't think it's allowed to post to that url...but why?
g
I don't believe gotrue supports redirectTo for email/phone including magic links. From SignIn docs:
Copy code
Sign in with redirect.#

Note that the redirectTo param is only relevant for OAuth logins, where the login flow is managed by the Auth server. If you are using email/phone logins you should set up your own redirects (within the email/sms template).
This says why. https://github.com/supabase/supabase/issues/5663#issuecomment-1074427708
n
chops (2022-04-22)
c
Wait that's super odd, because I have this exact flow working in a separate Flutter-based app
(using a different Supabase org project)
In flutter, I do:
Copy code
final response = await supabase.auth.signIn(
        email: _emailController.text,
        options: AuthOptions(
            redirectTo: kIsWeb
                ? null
                : 'com.example.example://login-callback/'));
which on mobile will generate a magic link email containing a link like https://id.supabase.co/auth/v1/verify?token=token&type=magiclink&redirect_to=com.example.example://login-callback/, on web the redirect_to is set to the site url, like http://localhost:3000 or whatever But in the C# app, I'm attempting to do the identical workflow, except the redirect_to parameter is always only set to the site url
l
you have to whitelist other redirect urls in the supabase dashboard, Authentication -> Settings -> Additional redirect URLs
If it works with other clients, maybe it's a missing feature in the c# client
g
I agree some think it should work. The docs were changed in feb to say no, if I read both of the doc change and the comments in the github. I've personally not used it so can't say for sure.
@silentworks EDIT: I went ahead and generated an issue based on the rest of the discussion and testing.... Can you get clarification for sure from the team on this? Edit: Please read below on some libraries using /magiclink endpoint versus /otp
c
Ah, it is a problem with the C# library. I spun up a Supabase instance here so that I could dump post data and see the actual requests. A flutter magiclink using redirect_to makes a POST to the URL 
/auth/v1/magiclink?redirect_to=com.example.example://login-callback
with a POST body simply containing 
{\x22email\x22:\x22dan@redchops.com\x22}
(escape characters are just how nginx logs it) The C# library configured the exact same way POSTs to 
/auth/v1/magiclink
and puts the redirect_to parameter in the POST body, so it seems like Gotrue ends up ignoring it
l
the 
magiclink
endpoint is depecrated, according to https://github.com/supabase/gotrue README and the 
redirectTo
parameter is not mentioned at all.
I wonder whether the gotrue-js client uses the 
otp
endpoint
g
${this.url}/otp${queryString}` for js magiclink
c
Beat me to it @garyaustin , just found that
g
Seems a bit of a cluster right now...
c
I'm not sure many of the community projects got the message, C#, Dart, and Python, maybe others, are still using the /magiclink endpoint for passwordless email
l
just glancing at the gotrue code, the otp endpoint just calls the magiclink function for email signins, so this should not make a difference
and according to the comment here https://github.com/supabase/gotrue/blob/master/api/helpers.go#L146 passing 
redirectTo
in the body should work
g
From kangmingtay commented on Mar 21 in the github issue I linked
Copy code
Hey everyone, just a heads up, the redirect_to param only works for oauth logins and not password-based / magiclink / phone otp sign-ins. This is because for password-based / magiclink / phone otp sign-ins, we make a POST request to gotrue and redirecting the response would change it to a GET request, which means that the response body would be lost.
for what is worth
c
Yeah…that’s interesting. I’ll have to try calling the endpoint with curl both ways with both organizations I have to see what happens
l
... as form data (https://github.com/supabase/gotrue/blob/master/api/helpers.go#L107). so passing 
redirectTo
in a json body is not supported.
c
Sure enough, even though the gotrue code suggests that it should be able to pull redirect_to out of the body, it does not seem able to
That makes sense then, for sure
l
so a bug/missing feature in the c# client then
c
i filed a bug already, i'll probably put together a pr this evening. that's a pretty darn quick fix imo
l
yes, should be fairly easy to fix
g
I just tested gotrue.js (which uses the redirect_to in the url) 
https://ugccqefilvseqbseypbq.supabase.co/auth/v1/otp?redirect_to=http%3A%2F%2Fsommapp.us%2Fsomm
and redirectTo works fine for magic link.... I'm not sure why the Mar comment and doc change, unless it was fixed later?
c
i wonder if there was just a misunderstanding going on there
g
I'll comment in that thread.
PreviousNext
Powered by