TL;DR : Refresh token NOT WORKING with the Supabase Auth plugin
_
For a new project, I’ve recently started to use the supabase Auth plugin.
I sometimes get ‘Unauthorized’ errors in the editor because my supabase access token is not valid anymore.
And when this happens, I’ve noticed that I automatically get a new access token, not so long after…
Last time I’ve checked, the new access token came about 40 seconds later.
That’s bad. Because, if the same thing happen on my live app, then the flow is going to get broken, and my user is going to be left with an error.
Sure, I could add a manual check to refresh the token, but in that case, what is the purpose of the Auth plugin ?
I’m used to do everything manually, and have a refresh token action at the beginning of all my WFs. It checks if my supabase token is expired, and if it is, then I make an API call to get the new access token.
And I am in control of when and where I get the refresh token.
I’m going to check with our support if we are getting reports about this, or if it’s an isolated incident or if it’s a misconfiguration on your side and I’ll let you know.
That usually happens because of the token expiration time you’ve set up in your database settings.
What I did in my case was implement a visual indicator that shows how much time is left before the token expires. You can display this as text, and then trigger a workflow based on that. Either redirecting the user to the login screen once the token is no longer valid (based on the timestamp), or refreshing the token upon session_token_valid=false.
You can even add a condition to only refresh it if the user has interacted with the app in the last few seconds, so you only keep sessions alive for active users. Otherwise, you can just drop the session.
I sometimes get ‘Unauthorized’ errors in the editor because my supabase access token is not valid anymore.
