As an author of an authentication library, recent changes have made things annoying/complex #6634
Replies: 3 comments 2 replies
-
|
As a one embracing Supabase SSR SvelteKit Auth Helpers which depend on session heavily and are now broken I have to agree very strongly. |
Beta Was this translation helpful? Give feedback.
-
|
is it such a big deal having to call cookie.set more than once sometimes ? |
Beta Was this translation helpful? Give feedback.
-
|
For my library, it returns an array of cookies and you have to set the cookies by yourself. It's just better DX if you can just use const session = await createUser()
setHeaders({
"set-cookie": session.cookies
}) |
Beta Was this translation helpful? Give feedback.
-
Subsequent load functions didn't run in parallel previously, so nothing is being lost here
You couldn't do this previously either
You can easily create your own store
It seems like it'd be easy to have it accept a Map or Record with names as keys and values as values. Feel free to file a feature request for this and then send a PR for it |
Beta Was this translation helpful? Give feedback.
-
My discussion has nothing to do with the changes in load functions/routing. I'm just saying that you can't get the useful features the update provided (parallel loading functions) when using auth. (Sorry for including a point unrelated to the title)
You could change the value of session store in the client, which would've update the
Yes, but that's not my point. When creating an auth library, you'll add a wrapper component that can be used in the root layout. If that wrapper component sets the custom session store, it becomes impossible to get the session store in the same layout the wrapper is located in. This is really specific to auth libraries, but the title says "As an author of authentication library." <script>
// can't get session here
</script>
<Auth>
<slot/> // can get session here
</Auth>Edit: Found a way to solve most problems |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Mostly 2 things: The removal of
sessionstores, and the use ofcookiesto set cookies in actions. While I say this as an author of an authentication library, I feel other libraries like Supabase auth helpers will face similar issues.1. Removal of session stores
I feel like the old
sessionstore cannot be fully replicated using current features. For one, it now requires the use of layout server load function. This means that you can't run subsequent load functions in parallel since you have to get the user's data usingawait parent(). Second, now there's no way to send data to load functions from pages. The access token provided by my library expires in 15 minutes and can be refreshed in the client. After refresh, there's no way to get the new access token in load functions in subsequent navigation. Third, session stores were set to context outside of the root layout/page. This meant the session store could be read anywhere. I can't have a single wrapper component for the root layout that handles client-side things (including setting the session store to a context) since you wouldn't be able to access the custom session store within in the same layout component as the wrapper.2. Changes to cookies
You used to be able to set cookies using
setHeaders, which made it easy forcreateUserSession, for example, to return a set of stringified cookies (for tokens) that the user can set using:My biggest complaint is that
cookie.set()can only set 1 cookie at a time, and that I can't use setHeaders in actions (though I know the team considered interceptingsetHeaders).There are workarounds for these problems but all of them add redundant methods and feel unnecessary.
Beta Was this translation helpful? Give feedback.
All reactions