Supabase is an open source Firebase alternative. Start your project with a Postgres database, Authentication, instant APIs, Edge Functions, Realtime subscriptions, and Storage.

Supabase

I set a cookie during login using  `await supabase.auth.api.setAuthCookie(req, res)`, but when I sign out, I also try to do   `res.setHeader('Set-Cookie', 'sb:token=deleted; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT');`. This works locally, but when deployed to Vercel, the `sb:token` persists on following requests and therefore I pass my middleware auth checks and access protected pages unintentionally.

FYI, doing the cookie management inside of a NextJS API. My NextJS FE calls my internal NextJS API during sign in/sign out to add/remove cookies respectively.

1) Does Supabase have a cleaner way of removing cookies?
2) If not, is there any idea of what is going wrong?

Thanks in advance. I love Supabase so far 🙂

This bug is caused because Next.js's serverless features always return a 304 Not Modified for GET. 

Solution was to POST to my NextJS API instead where I execute

`import Cookies from 'cookies'

export default async function handler(req, res) {
  if (req.method !== 'POST'){
    return res.status(405).json({ status: 'fail', message: 'This method only supports POST' });
  }
  const cookies = new Cookies(req, res);
  cookies.set('sb:token');
  res.status(200);
}`