auth-helpers: signOut does not clear session and useUser does not get latest until refresh once

Bug report

Describe the bug

Hello, I am currently upgrading from v1 to v2 and noticed some weird behaviors with auth-helpers and Nextjs after the exciting 0.5.1 update!

I have followed the migration guide from both supabase and auth-helpers.

There are two weird behaviors:

  • Once I login with email+password, useUser still returns null on my /home page until I refresh (waiting does nothing). I have done a session check on a middleware.ts before home loads, so I am sure that the user is valid/logged in.
// login.ts
const {
      data: { user },
      error,
    } = await supabaseClient.auth.signInWithPassword({
      email,
      password,
    });

router.push('/home');

// home.ts
const user = useUser(); // null
  • Once I sign out, /home -> / (server-side checks that no session) -> /login, the useUser on the /login page still detects User active and SessionContext has non-null Session object until I refresh (waiting does nothing).
if (user) { const { error } = await supabaseClient.auth.signOut(); router.push('/'); }

Expected behavior

useUser returns null THEN User when redirected to /home. signOut to clear session and useUser to return null instead of User.

System information

  • OS: Windows
  • Browser: Firefox
  • Version of Node.js: LTS 16

Version:

"@supabase/auth-helpers-nextjs": "0.5.1",
"@supabase/auth-helpers-react": "0.3.1",
"@supabase/supabase-js": "2.0.5",
"next": "12.3.1",
"react": "^18.2.0",

// Also tried with default Component prop with similar result
type ExtendedAppProps = AppProps<{ initialSession: Session }> & {
  Component: NextPage<{ initialSession: Session }>;
  emotionCache: EmotionCache;
};

const App = (props: ExtendedAppProps) => {
<SessionContextProvider
          supabaseClient={supabaseClient}
          initialSession={pageProps.initialSession}
        >
<Component {...pageProps} />
// ...

Additional context

I have seen other threads in Discord, but they were v1.

For github, this is half of my problem (no one answered) https://github.com/supabase/supabase/discussions/9558

There is another thread https://github.com/supabase/supabase/discussions/9639 which gary has answered but exhibits similar problem.

Potential alternatives:

  • getSession instead as that will always get latest
    • Con: slower and may re-run each render

Current workaround: stop using useUser or SessionContext in checks or critical parts. Move all checks server-side in middleware.

About this issue

  • Original URL
  • State: closed
  • Created 2 years ago
  • Reactions: 4
  • Comments: 22 (3 by maintainers)

Most upvoted comments

What is the current status with this? I think I am also running into the same issue…

+2
avgupta456 on Feb 8, 2023

@NanoCode012 @AvidDabbler @vincentjflorio @thorwebdev

Regarding the signOut, this seems to be a gotrue-js issue. I was able to resolve with a local code change, but wasn’t confident enough to create a PR for it. Hopefully a maintainer can verify or not.

https://github.com/supabase/gotrue-js/issues/524

+1
j4w8n on Nov 13, 2022
Read more comments on GitHub
← auth-helpers: [Invite user by email] Code Exchange Route doesn't generate Supabase client and session.
auth-helpers: @supabase/auth-helpers-nextjs: `createBrowserSupabaseClient` doesn't work in `next@13.3.0` - `Module not found: Can't resolve 'fs'` →