Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Local Storage getting cleared randomly, causing user to log out

See original GitHub issue

Bug report

Describe the bug

Sometimes, the local storage entry for Supabase Auth (supabase.auth.token) gets cleared, causing the user to be logged out of the application. Local storage keys unrelated to Supabase are unchanged and remain persisted, leading me to believe that this is a Supabase issue.

To Reproduce

I’m not entirely sure how to reproduce this. It happens consistently for me, but I don’t know the cause. Usually, after logging in and waiting for a few days, the local storage entry gets cleared automatically.

You can try the following:

Implement client-side Supabase Auth
Log into the application
Wait some period of time (usually 1-2 days)
Observe that you are logged out and the local storage entry has been cleared

For details on how I am implementing Supabase Auth, take a look at my public repository.

Expected behavior

supabase.auth.token should never be cleared unless the user explicitly logs out or clears their cache.

System information

This happens on multiple OS’s and browsers.

OS: Windows, Android, iOS
Browser (if applies): Chrome, Safari
Version of supabase-js: 1.22.5

Additional context

My JWT expiry is 604800, but I’ve also used 60 before with the same behavior happening. It seems to be unaffected by the JWT expiry value.

This happens both on localhost and in production.

I’m not sure about the implementation details of Supabase Auth, but what could be happening is that the refreshToken that I am passing into the signIn method is expired, so the user gets automatically logged out and the local storage entry is cleared. What should happen is that the token is automatically refreshed, the user stays signed in, and the local storage entry is preserved/updated.

Edit: I’ve noticed this happening sometimes after I deploy. Is there something that changes after each deployment that invalidates the session? I’m using Vercel.

Issue Analytics

State:
Created 2 years ago
Reactions:7
Comments:20 (4 by maintainers)

Top GitHub Comments

14reactions

davutcommented, Jan 12, 2022

Why it takes too long to solve this issue 😦 ?

1reaction

TeddyLoursoncommented, Aug 18, 2022

I don’t know if it will help you because it was pretty specific to my implementation, but here is how I solved it. I am listening to the person table which is a table that I created and linked to the users table generated by Supabase (it’s just holding more details about the user.) I created a layer of abstraction to listen for changes and return an Observable that returns Either a Failure or an instance of the retrieved/updated Person. The error I had was when I tried to unsubscribe from the stream when refreshing the page. I had a warning saying that the stream was already closed or something. All I had to do was to remove the call from the return method of the useEffect hook for it to work.

  useEffect(() => {
    let handleSessionSubscription: Subscription | null;
    const maybeSession = supabase.auth.session();
    handleSessionSubscription = handleSession(maybeSession);
    const { data: subscription } = supabase.auth.onAuthStateChange(
      (_event, session) => {
        handleSessionSubscription = handleSession(session);
      }
    );
    return () => {
      // Here be dragons 🐉
      // 👇 This was giving me an error, I removed it
      handleSessionSubscription?.unsubscribe();
      subscription?.unsubscribe();
    };
  }, []);

My handleSession method :

  const handleSession = (session: Session | null) => {
    if (null === session || null === session.user) {
      setAuthStateUnauthenticated();
      return null;
    }
    const user = session.user;
    const id = new UniqueId(user.id, 'fromUniqueString');
    return personRepository.watchPerson(id).subscribe((failureOrPerson) => {
      failureOrPerson.fold(toastFailure, (personSuccess) => {
        const person = personSuccess.data;
        setAuthStateAuthenticated({ person: person });
      });
    });
  };

Top Results From Across the Web

When is localStorage cleared? - Stack Overflow

In Firefox, localStorage is cleared when these three conditions are met: (a) user clears recent history, (b) cookies are selected to be cleared, ......

Local storage data getting deleted… | Apple Developer Forums

Hi Team, We are using following different concepts for storing the users data in the device in our hybrid mobile application and even...

Solved: Unable to access browser's local storage. Some fea...

"Unable to access browser's local storage. Some features such as undo or redo might not work until you clear browser's data." After clearing...

The Store - React-admin

The store uses the browser local storage (or a memory storage when localStorage isn't available). The store is emptied when the user logs...

Please Stop Using Local Storage - DEV Community ‍ ‍

Things are getting completely out of hand. Almost every day I stumble across a new website storing sensitive user information in local ......