[tvOS] Allow setting auth tokens manually about supabase-swift HOT 6 CLOSED

I just forked the code in order to work on that implementation and was then realizing that just implementing setAuth as in gotrue-js would not work at all.
Since I have never a "old" session in my setup I would first need to somehow create a "fresh" session to just swap the accessToken (and keep the User etc. around).

This actually works by calling refreshSession(refreshToken: String) but this invalidates my refresh token on my other device (as expected) where I was signed in before. It's not ideal, but it works for now.

So maybe there should be a method that takes both the access and refresh token and creates a Session from that and extracts User data from the JWT payload of the access token? Didn't have an extend look into what it takes to create a Session struct.

from supabase-swift.

Hey all, I implemented the setSession method on supabase-community/gotrue-swift#36
Can someone point supabase-swift to feat/setSession and test if it solves your use case?

from supabase-swift.

Hi @florivdg thanks for opening this issue.

Would this methods on gotrue-js https://github.com/supabase/gotrue-js/blob/master/src/GoTrueClient.ts#L386-L421 solve your issue if added to gotrue-swift?

from supabase-swift.

Hey @GRSouza thanks for your quick response!

Indeed I think this is exactly what I am looking for in order to get this to work!

from supabase-swift.

Ok, the method for setting refresh token is already implemented on gotrue-swift, it just lacks the setAuth.

If this is urgent for you, I think it would be faster if you could PR this change into the gotrue-swift repository, and I'd be glad reviewing it.

If that's not blocking you now, I can do it tomorrow I think.

from supabase-swift.

I have a similar problem, however not on tvOS, but while developing an iOS App Extension for my iOS app. There's currently no mechanism in supabase-swift to authenticate a new session using existing (unexpired) accessToken and refreshToken; however this functionality seem to exists in the gotrue-js, as per comment in the linked thread.

This is due to the fact that iOS App Extensions, despite being part of the same app bundle live in separate containers that do not have access to one another.

A simple case to make sure it's clear why this is needed on iOS:

1. User launches MainApp and signs in using email and password
2. User then switches to another app, for example Safari
3. User finds a link they want to share to their MainApp account, so they tap Share button and open iOS Share Sheet
4. User sees MainApp and taps the icon to share it.
5. iOS fires up MainApp.ShareExtension bundle and in order to execute writing data directly to Supabase using supabase-swift

Expected outcomes:

• App Extension re-authenticates if necessary before it can upload data to Supabase via SDK using existing credentials from the MainApp
• User is never asked for credentials, unless the session in the MainApp is invalid or expired

Current outcomes:

• Unable to re-authenticate reusing existing session without logging user out from MainApp

Current workaround:

• Sending POST request via URLSession to the REST API using appropriate auth tokens.
• Use CoreData with a Shared Container to add data to MainApp with a massive overhead to sync this data accurately when the MainApp is re-opened, so it's not feasible at all to do this.

Notes:

• App is online-only (not offline capability, storage, or sync; just in-memory), so relies 100% on Supabase SDK

from supabase-swift.