Skip to content

Commit

Permalink
fix: set cookies for password recovery event (#32)
Browse files Browse the repository at this point in the history 
## What kind of change does this PR introduce?

Bug fix

## What is the current behavior?

When resetting a user's password with an email template which has a URL
defining the `type` value as `recovery`, and using the `verifyOtp`
method to process the token_hash and type, the SSR server client's
`onAuthStateChange` function does not recognize the `PASSWORD_RECOVERY`
event that verifyOtp fires. This prevents the code
[here](https://github.com/supabase/ssr/blob/main/src/createServerClient.ts#L199-L205)
from running; resulting in the new session not being saved to cookies,
and the user is not considered logged in.

Fixes #21

## What is the new behavior?

User is logged in.

## Additional context

Replaces PR #24

Co-authored-by: Jason Creviston <jason@malynium.com>
  • Loading branch information
@j4w8n @j4w8n-malynium
j4w8n and j4w8n-malynium authored Jul 3, 2024
1 parent bebce89 commit 7dc1837
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions src/createServerClient.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -193,6 +193,7 @@ export function createServerClient<
(event === "SIGNED_IN" ||
event === "TOKEN_REFRESHED" ||
event === "USER_UPDATED" ||
event === "PASSWORD_RECOVERY" ||
event === "SIGNED_OUT" ||
event === "MFA_CHALLENGE_VERIFIED")
) {
Expand Down

0 comments on commit 7dc1837

Please sign in to comment.