Updated local auth state storage

2026-03-11 17:07:34 +01:00
parent 3e81e46b1a
commit 05a9b4f023
2 changed files with 52 additions and 25 deletions
--- a/FastNotes/libs/supabase.ts
+++ b/FastNotes/libs/supabase.ts
@@ -1,22 +1,50 @@
 import { createClient } from '@supabase/supabase-js'
+import AsyncStorage from '@react-native-async-storage/async-storage'
 import { deleteItemAsync, getItemAsync, setItemAsync } from 'expo-secure-store'
 import 'react-native-url-polyfill/auto'
-import Constants from "expo-constants"
+import Constants from 'expo-constants'
 import { Platform } from 'react-native'

-const ExpoSecureStoreAdapter = {
-  getItem: (key: string) => {
-    return getItemAsync(key)
-  },
-  setItem: (key: string, value: string) => {
-    if (value.length > 2048) {
-      console.warn('Value being stored in SecureStore is larger than 2048 bytes and it may not be stored successfully. In a future SDK version, this call may throw an error.')
+const REFRESH_TOKEN_STORAGE_KEY = 'supabase.auth.refresh-token'
+
+type PersistedSession = {
+  refresh_token?: string
 }
-    return setItemAsync(key, value)
+
+const NativeSplitStorageAdapter = {
+  getItem: async (key: string) => {
+    return AsyncStorage.getItem(key)
  },
-  removeItem: (key: string) => {
-    return deleteItemAsync(key)
+
+  setItem: async (key: string, value: string) => {
+    await AsyncStorage.setItem(key, value)
+
+    try {
+      const session = JSON.parse(value) as PersistedSession
+
+      if (session.refresh_token) {
+        await setItemAsync(REFRESH_TOKEN_STORAGE_KEY, session.refresh_token)
+      } else {
+        await deleteItemAsync(REFRESH_TOKEN_STORAGE_KEY)
+      }
+    } catch (error) {
+      console.warn('Stored Supabase session, but could not parse refresh token for SecureStore backup.', error)
+    }
  },
+
+  removeItem: async (key: string) => {
+    await AsyncStorage.removeItem(key)
+    await deleteItemAsync(REFRESH_TOKEN_STORAGE_KEY)
+  },
+}
+
+export const hasSecureRefreshToken = async () => {
+  if (Platform.OS === 'web') {
+    return false
+  }
+
+  const refreshToken = await getItemAsync(REFRESH_TOKEN_STORAGE_KEY)
+  return Boolean(refreshToken)
 }

 const extra = (Constants.expoConfig?.extra ?? Constants.manifest?.extra) as {
@@ -28,14 +56,10 @@ const supabaseUrl = extra?.supabaseUrl
 const supabaseAnonKey = extra?.supabaseKey

 if (!supabaseUrl || !supabaseAnonKey) {
-  throw new Error("Cannot read env variables")
+  throw new Error('Cannot read env variables')
 }

-const storage = (
-  Platform.OS === "web"
-    ? window.localStorage
-    : ExpoSecureStoreAdapter
-)
+const storage = Platform.OS === 'web' ? window.localStorage : NativeSplitStorageAdapter

 export const supabase = createClient(supabaseUrl, supabaseAnonKey, {
  auth: {
@@ -44,5 +68,4 @@ export const supabase = createClient(supabaseUrl, supabaseAnonKey, {
    persistSession: true,
    detectSessionInUrl: false,
  },
-  }
-)
+})
--- a/FastNotes/providers/auth-provider.tsx
+++ b/FastNotes/providers/auth-provider.tsx
@@ -1,5 +1,5 @@
 import { AuthContext } from '@/hooks/use-auth-context'
-import { supabase } from '@/libs/supabase'
+import { hasSecureRefreshToken, supabase } from '@/libs/supabase'
 import { PropsWithChildren, useEffect, useState } from 'react'

 const buildClaims = (user?: { id: string; email?: string | null } | null) =>
@@ -26,6 +26,10 @@ export default function AuthProvider({ children }: PropsWithChildren) {
        console.error('Error hydrating session:', error)
      }

+      if (!session && await hasSecureRefreshToken()) {
+        console.warn('Found an encrypted Supabase refresh token backup, but fallback session recovery is not implemented.')
+      }
+
      setClaims(buildClaims(session?.user))
      setIsLoading(false)
    }