Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

`supabase.auth.api.getUserByCookie()` doesn't work in Next.JS server-side environment

See original GitHub issue

Bug report

Describe the bug

supabase.auth.api.getUserByCookie() doesn’t work in Next.JS server-side environment (_middleware.ts)

To Reproduce

Steps to reproduce the behavior, please provide code snippets or a repository:

Create a supabase project
Create a Next.JS project
Create

Add following code to _middleware.ts

export async function middleware(req: NextRequest, ev: NextFetchEvent) {
    let supabase = createClient(...);
    let user = await supabase.auth.api.getUserByCookie(req);
    console.log('Auth ', user)
}

See logs

Auth  {
  user: null,
  data: null,
  error: ReferenceError: XMLHttpRequest is not defined
      at eval (webpack-internal:///./node_modules/cross-fetch/dist/browser-ponyfill.js?d2fb:462:17)
      at new Promise (<anonymous>)
      at fetch (webpack-internal:///./node_modules/cross-fetch/dist/browser-ponyfill.js?d2fb:455:12)
      at eval (webpack-internal:///./node_modules/@supabase/gotrue-js/dist/module/lib/fetch.js?85f4:44:63)
      at new Promise (<anonymous>)
      at eval (webpack-internal:///./node_modules/@supabase/gotrue-js/dist/module/lib/fetch.js?85f4:43:16)
      at Generator.next (<anonymous>)
      at eval (webpack-internal:///./node_modules/@supabase/gotrue-js/dist/module/lib/fetch.js?85f4:16:71)
      at new Promise (<anonymous>)
      at __awaiter (webpack-internal:///./node_modules/@supabase/gotrue-js/dist/module/lib/fetch.js?85f4:12:12)
}

Expected behavior

getUserByCookie() should either work (use fetch() internally instead of XMLHttpRequest), OR message should be more clear (check the presence of XMLHttpRequest in getUserByCookie() and throw Sorry, you shouldn't call this method in server side environment

System information

Next version is 12.0.1

Additional context

Add any other context about the problem here.

Issue Analytics

State:
Created 2 years ago
Reactions:6
Comments:43 (18 by maintainers)

Top GitHub Comments

9reactions

vklimontovichcommented, Nov 4, 2021

FYI, this workaroung does the job:

    let supabase = createClient(supabaseUrl, supabaseKey);
    let token = req.cookies['sb:token'];
    if (!token) {
        return 
    }
    let authRequestResult = await fetch(`${supabaseUrl}/auth/v1/user`, {
        headers: {
            'Authorization': `Bearer ${token}`,
            'APIKey': supabaseKey
        }
    });

8reactions

kiwicopplecommented, Nov 22, 2021

after more thorough testing I found the error was persisiting. sorry about the false posititve.

I added another commit to the PR, based on Thor’s link to the cross-fetch package - in particular, this comment. I can confirm that this works in Next.js middleware, on a local environment.

I’ll follow up on the linked package and see if that change is OK to merge