Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Request for Improved Response Status in supabase.auth #804

Open
mashwishi opened this issue Sep 24, 2023 · 7 comments
Open

Request for Improved Response Status in supabase.auth #804

mashwishi opened this issue Sep 24, 2023 · 7 comments

Comments

@mashwishi
Copy link

I'd like to open a discussion regarding the current response structure in supabase.auth. Currently, when making requests related to user authentication, we receive JSON responses that look like this:

For invalid credentials:

{"data": {"session": null, "user": null}, "error": [AuthApiError: Invalid login credentials]}

For unconfirmed accounts:

{"data": {"session": null, "user": null}, "error": [AuthApiError: Email not confirmed]}

In scenarios where a user registers but hasn't yet confirmed their email, this "Email not confirmed" string is used in the response. However, this string is subject to change in future updates, making it less reliable for developers to build upon.

Proposal

I propose that Supabase consider implementing a more standardized status code approach in the response, in addition to or instead of the current error messages. For instance:

For invalid credentials, a status code of 401:

{"data": {"session": null, "user": null}, "error": [AuthApiError: Invalid login credentials], "status": 401}

For unconfirmed accounts, a status code of 435:

{"data": {"session": null, "user": null}, "error": [AuthApiError: Email not confirmed], "status": 435}

By using standardized status codes, developers can rely on consistent responses and don't have to rely on parsing error message strings, which can change over time.

Benefits

  • Improved developer experience: Consistent status codes make it easier for front-end developers like myself to handle different authentication scenarios without relying on error message strings.

  • Future-proofing: Status codes are less likely to change, providing a stable foundation for building on top of Supabase's authentication system.

  • Clarity in documentation: If adding status codes directly to the response is not feasible, consider updating the documentation to clarify the meaning of specific error messages.

I believe this change would greatly benefit the Supabase community, especially front-end developers who rely on Supabase without a backend. Let's discuss this proposal and explore how we can enhance the developer experience.

Video Attachment

I have attached a video to this discussion post to visually demonstrate the scenario I mentioned, showcasing the potential benefits of this proposal.

Thank you for considering this suggestion, and I look forward to hearing from the community and the Supabase team regarding this matter. Your feedback and insights are greatly appreciated.

0924.mp4
@mashwishi mashwishi reopened this Sep 26, 2023
@mashwishi
Copy link
Author

image

Hope its error number not string

@J0 J0 transferred this issue from supabase/supabase-js Oct 23, 2023
@hf
Copy link
Contributor

hf commented Dec 19, 2023

This is planned and high-up on the priority list. Keeping the issue open until we have it.

@tom-at-pixel
Copy link

tom-at-pixel commented Jan 17, 2024

@hf Thanks for prioritizing this. Do you have a rough timeline for this work? This is a critical feature for localized apps. Right now, we have to identify the error type from the error message, then map that to our language-specific strings to show the user. Every now and then we have to check that the strings haven't changed, which doesn't feel right. Thank you and the team for looking at this! 😊

@hf
Copy link
Contributor

hf commented Jan 17, 2024

@tom-at-pixel This is worked on and I'm leading it. Goal is to have something out in the next few weeks. Main PR is here if you want to follow along, though still early stages: supabase/auth#1377

@madhukar01
Copy link

Ran into this today while integrating auth. Despite the docs talking about using code, the APIs are returning undefined value for code.

@tom-at-pixel
Copy link

tom-at-pixel commented Aug 8, 2024

@hf Your work on this has been super useful -- thank you for that! There is however a bug right now where code is undefined for (some?) sign-in errors, like wrong email/password combination. Any chance you have the bandwidth to take a look at this bug? #947

@J0
Copy link
Contributor

J0 commented Aug 27, 2024

Hey @tom-at-pixel

Thanks for reporting the issue. A fix has been merged and should go out later this week or early next week. I've also replied to the linked thread

Hope this helps

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants