Some questions around using WeWeb Supabase auth plugin

Tims · March 11, 2025, 8:39am

Hi all,

I am using the Supabase auth plugin with Google social login (Google oAuth) which is all working very well, but I have some questions around that.

If a user logs in, how long do they stay logged in? Can I configure this on WeWeb side in the plugin or is this on Supabase side?
Per Supabase auth documentation, a login creates a session. Refreshing the session gives a new refresh token and access token pair. I’m using these access tokens to authorize REST API requests coming from my front-end. However, with some testing I noticed that the access token expires after 1 hour and a user will run into the error that the JWT token has expired. I suppose the simple approach would be to use the “Refresh session” in the workflow before sending the REST API request, but I wonder whether this is the best approach (I have about ~50 distinct workflows with rest API Requests). Is it best practice to build something like a “global session refresher” that automatically refreshes the token? Would that be even possible in WeWeb?

Topic		Replies	Views
Is there a way to set the Supabase auth token manually? How do I?	9	2156	February 17, 2024
WeWeb / Supabase auth issue Ask us anything supabase	12	525	April 30, 2024
JWT Token is expiring before the actual time Ask us anything authentication	3	57	February 26, 2025
Weweb x Supabase Google OAuth Open popup? Ask us anything authentication , supabase	2	36	January 26, 2025
Xano auth - how to implement refresh token How do I? authentication , xano	1	141	December 13, 2024