Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modify password for already signed in user does not seem to work #58

Closed
BasBBakker opened this issue May 5, 2023 · 9 comments
Closed

Modify password for already signed in user does not seem to work #58

BasBBakker opened this issue May 5, 2023 · 9 comments
Assignees
@BasBBakker
Labels
bug Something isn't working

Comments

@BasBBakker
Copy link

Bug report

Describe the bug

When I try to update the password of an already signed in User, I get an error and this message in the browser:

{"message":"No API key found in request","hint":"No apikey request header or url param was found."}

This is the code I use:

public async Task ModifyPassword(string newpassword)
{
    
    var attrs = new UserAttributes
    {
        Email = client.Auth.CurrentUser.Email,
        Password = newpassword
       
    
    };
    var response = await client.Auth.Update(attrs);

           

}

Thanks in advance!
@BasBBakker BasBBakker added the bug Something isn't working label May 5, 2023
@acupofjose
Copy link
Collaborator

Can you show me how you're initializing the client in your code?

@BasBBakker
Copy link
Author

BasBBakker commented May 6, 2023
edited
Loading

I use the Blazor Webassembly example in the C# supabase library:
https://github.com/supabase-community/supabase-csharp/tree/master/Examples/BlazorWebAssemblySupabaseTemplate

The client is then initialized as per below:

public class AuthService
{
private readonly Supabase.Client client;
private readonly AuthenticationStateProvider customAuthStateProvider;
private readonly ILocalStorageService localStorage;
private readonly ILogger logger;

public AuthService(
     Supabase.Client client,
    AuthenticationStateProvider CustomAuthStateProvider,
    ILocalStorageService localStorage,
    ILogger<AuthService> logger
) : base()
{
    logger.LogInformation("------------------- CONSTRUCTOR -------------------");

    this.client = client;
    customAuthStateProvider = CustomAuthStateProvider;
    this.localStorage = localStorage;
    this.logger = logger;
}

public async Task ModifyPassword(string newpassword)
{


    var attrs = new UserAttributes
    {
        Email = client.Auth.CurrentUser.Email,
        Password = newpassword


    };
    var response = await client.Auth.Update(attrs);




}

}

@acupofjose
Copy link
Collaborator

Hm. That's strange. It acts as though your client hasn't been initialized with a supabase_public_key... everything else works as normal?

@BasBBakker
Copy link
Author

BasBBakker commented May 7, 2023 via email

@acupofjose
Copy link
Collaborator

Okay. I’m thinking #57 ought to address this when it’s merged! Thanks for your patience!

@BasBBakker
Copy link
Author

It sends an API key and a bearer token.

In the network console I get the message:
{"code":401,"msg":"Password update requires reauthentication."}

Is this because in the payload the email_change_token is null?

{email: "x@x.us", email_change_token: null, password: "xxx", phone: null, data: {}}

@BasBBakker
Copy link
Author

Putting in the email_change_token in the payload gives the same error message.

acupofjose added a commit that referenced this issue May 16, 2023
@acupofjose
Re: #58 - Add the reauthentication endpoint
2baedd7
@acupofjose
Copy link
Collaborator

acupofjose commented May 16, 2023
edited
Loading

Okay: some more data for you! You are correct, we are missing the reauthentication endpoint in the current client (commit incoming).

The following currently works:

var email = $"{RandomString(12)}@supabase.io";
var newPassword = "IAmANewSecretPassword!@#";
await client.SignUp(email, "testing123!@#12");
			
await client.Update(new UserAttributes()
{
   Password = newPassword
});

await client.SignOut();
var user = await client.SignIn(email, newPassword);

The above functions provided the following is true:

  • Options.AllowUnconfirmedSessions = true
  • Supabase Admin Panel has email sign-up confirmations turned off
  • Supabase Admin Panel has password change confirmations turned off

Adding the reauthentication endpoint provides support for the following:

The below functions provided the following is true:

  • Supabase Admin Panel has password change confirmations turned on
var email = $"email@example.com";
var initialPassword = ""testing123!@#12";
await client.SignUp(email, initialPassword);

// User has confirmed email 
await client.SignIn(email, initialPassword);

// User is signed in
await client.Reauthenticate();

// User receives email with a nonce
var newPassword = "IAmANewSecretPassword!@#";
await client.Update(new UserAttributes()
{
	Password = newPassword,
	Nonce = RECEIVED_NONCE,
});

The above will be available in 4.0.2

@BasBBakker
Copy link
Author

Works perfect. Thanks a lot!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@BasBBakker BasBBakker

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@acupofjose @BasBBakker