gotrue: Broken Invitation Links - http://kong is the domain

Bug report

  • I confirm this is a bug with Supabase, not with my own application.
  • I confirm I have searched the Docs, GitHub Discussions, and Discord.

Describe the bug

Currently, when sending an invitation to a user, the invitation link in the email is http://kong/auth/v1/verify?token=xxx rather than the proper domain.

To Reproduce

Steps to reproduce the behaviour, please provide code snippets or a repository:

  1. Setup docker Supabase
  2. Go to the authentication
  3. Click “Add user”
  4. Select “Send Invitation”
  5. Check the invitation link in the email

Expected behaviour

It was expected that the invitation URL to contain the configured URLs in the .env file rather than http://kong as the domain.

About this issue

  • Original URL
  • State: open
  • Created a year ago
  • Reactions: 7
  • Comments: 21 (4 by maintainers)

Most upvoted comments

I’m not sure if anyone has realized but in the docker-compose.yml it states SUPABASE_URL: http://kong/ changing this to use the API_EXTERNAL_URL variable should solve your issue. Or so one would think I have changed it to the local ip and i am getting it in the email link but I don’t get the port. Which in my case is 8000 the api is supposed to be directed too.

+2
EasternIndustries-IT on Nov 14, 2023

I’m facing the same problem. My temporary fix is to switch to “supabase/gotrue:v2.67.0” in my docker-compose.yml

+2
timkister on Oct 6, 2023

There is some breaking change in a minor release: v2.67.1 (https://github.com/supabase/gotrue/compare/v2.67.0...v2.67.1).

In our case, after upgrading Docker image to anything above v2.67.1 (including current latest) turns the account confirmation URL from https to https, there are also some other minor changes.

v2.67.0 (correct)

https://auth.domain.app/auth/v1/verify?token=token&type=signup&redirect_to=https://web.domain.app/login

v2.67.1 (broken)

http://auth.domain.app/auth/v1/verify?redirect_to=https%3A%2F%2Fweb.domain.app%2Flogin&token=token&type=signup

I’ve tried to reproduce this outside of the docker environment, kong etc. by injecting our configuration through .env, so I can run the debugger on main.go. I’ve set up breakpoints on: ConfirmationMail and isValidExternalHost and problem doesn’t exist for some reason.

Unfortunately I don’t have much time currently to add some additional logging to the code, compile the binary and debug/run it from the Docker context, to understand at which stage the URL does get broken.

+2
tomekit on Oct 1, 2023

Hi @Obeyed, I am not sure if I can help here. In our case we’re running fork with a couple amendments. Most importantly this line needs changing: https://github.com/supabase/gotrue/commit/c1f0ec8da6e8c19361789cb3d182a4c77c2763e5#diff-97dfc3310e5139b4d9c7a160bd077aeb81ca1e7b8d7cfa837a402f54b4c03a3dR213

Given that Supabase team is likely busy with other items your best bet is either to wait or apply it yourself and build a Docker image, alternatively use our build: s3drive/gotrue:v2.129.1 (https://hub.docker.com/layers/s3drive/gotrue/v2.129.1/images/sha256-a8176564a48f34b20598884848f284ed78cb8db0b5d44fea20d2ed8d37a4eab9?context=explore) which is the most recent Supabase version with these two fixes applied: https://github.com/supabase/gotrue/compare/master...tomekit:gotrue:master however please be aware that you shouldn’t really use unofficial images for your organization… after all it’s auth.

Good luck !

+1
tomekit on Dec 19, 2023
Read more comments on GitHub
← gotrue: Azure Auth: http://localhost:5000/?error=server_error&error_description=Error+getting+user+email+from+external+provider
gotrue: [BUG]: Supabase does not work with React Native Google signin →