This project demonstrates an issue with @supabase/ssr where supabase.auth.getUser() fails with AuthSessionMissingError in Next.js (v15.2.4 tested) API Routes, despite a valid authentication cookie being present.
Related GitHub Issue: [Link do Twojego zgłoszenia na GitHubie - wstawisz później]
- Clone this repository.
- Create a
.env.localfile based on.env.local.examplewith your Supabase project credentials. - Run
npm install. - Run
npm run dev. - Open the application in your browser (e.g.,
http://localhost:3000/login) and log in with a valid user. You should be redirected to/dashboard. - Open browser developer tools, find the
sb-<YOUR_PROJECT_REF>-auth-tokencookie, and copy its value (ensure it's cleaned, withoutbase64-prefix or quotes). - Open a terminal and run the following
curlcommand (replace<PORT>and<PASTE_CLEANED_COOKIE_VALUE_HERE>):curl -X GET \ -H "Cookie: sb-<YOUR_PROJECT_REF>-auth-token=<PASTE_CLEANED_COOKIE_VALUE_HERE>" \ -v \ http://localhost:<PORT>/api/test-auth Observe the curl output (shows 401 Unauthorized) and the server logs (npm run dev terminal shows AuthSessionMissingError).