Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

The 'cache' field on 'RequestInitializerDict' is not implemented - Cloudflare Workers #1001

Closed
2 tasks done
davbauer opened this issue Mar 28, 2024 · 24 comments · Fixed by supabase/auth-js#886
Closed
2 tasks done
Labels
bug Something isn't working

Comments

@davbauer
Copy link

Bug report

  • I confirm this is a bug with Supabase, not with my own application.
  • I confirm I have searched the Docs, GitHub Discussions, and Discord.

Describe the bug

When using the following method

supabase.auth.getUser(jwt?: string)

in my wrangler clouflare workers api I get following error:

  --> POST /jwt/plan/current/55524767-a973-410f-b139-3794d4efbb2e 401 1ms
 [ERROR] Error: The 'cache' field on 'RequestInitializerDict' is not implemented.

      at checkURL
  (file:///Users/david/Documents/github/vinna-ai/api/app/.wrangler/tmp/bundle-ieatTC/checked-fetch.js:9:9)
      at Object.apply
  (file:///Users/david/Documents/github/vinna-ai/api/app/.wrangler/tmp/bundle-ieatTC/checked-fetch.js:27:3)
      at null.<anonymous>
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/lib/helpers.ts:103:23)
      at _handleRequest
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/lib/fetch.ts:178:20)
      at _request
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/lib/fetch.ts:151:22)
      at SupabaseAuthClient._getUser
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/GoTrueClient.ts:1188:22)
      at SupabaseAuthClient.getUser
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/GoTrueClient.ts:1168:25)
      at authSupabaseMiddleware
  (file:///Users/david/Documents/github/vinna-ai/api/app/src/middleware/authSupabase.ts:35:56)
      at dispatch
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/hono/dist/compose.js:29:23)
      at null.<anonymous>
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/hono/dist/compose.js:30:20)
  Error while getting user by access_token  AuthRetryableFetchError: The 'cache' field on
  'RequestInitializerDict' is not implemented.
      at _handleRequest
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/lib/fetch.ts:188:11)
      at _request
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/lib/fetch.ts:151:22)
      at SupabaseAuthClient._getUser
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/GoTrueClient.ts:1188:22)
      at SupabaseAuthClient.getUser
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/@supabase/auth-js/src/GoTrueClient.ts:1168:25)
      at authSupabaseMiddleware
  (file:///Users/david/Documents/github/vinna-ai/api/app/src/middleware/authSupabase.ts:35:56)
      at dispatch
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/hono/dist/compose.js:29:23)
      at null.<anonymous>
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/hono/dist/compose.js:30:20)
      at defaultMiddleware
  (file:///Users/david/Documents/github/vinna-ai/api/app/src/middleware/default.ts:87:9)
      at dispatch
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/hono/dist/compose.js:29:23)
      at null.<anonymous>
  (file:///Users/david/Documents/github/vinna-ai/api/app/node_modules/hono/dist/compose.js:30:20) {
    __isAuthError: true,
    status: 0,
    code: undefined
  }

To Reproduce

I am using wrangler cloudflare worker and I am using hono for routing, but either way these lines should trigger the error:

const jwt: string = c.req.header("Authorization")?.split(" ")[1] ?? "";
const { data, error } = await supabase.auth.getUser(jwt);

After that data is null and error includes the error, which is pasted above.

Expected behavior

It should just get the user as usual, this problem occurred just since today for me.

Screenshots

  • None

System information

  • OS: macOS (Verified it also does not work when deployed to cloudflare workers)
  • Version of supabase-js: [2.41.1] also for (2.38.0)
  • Version of Node.js: [21.6.2]

Additional context

Also not sure if its an issue from cloudflare wrangler itself.
Reference to issue: cloudflare/workerd#698

Would be cool to know if there is anything I can do, since I am not able to continue from there on.

For some reason I never stumbled into that problem 3 days ago and I have not changed any files / package versions, which I can verify by my git history and also recloning my project.

Could it be that something got updated from the server-side of supabase which my cloudflare worker can not handle anymore?

Thank you!

@davbauer davbauer added the bug Something isn't working label Mar 28, 2024
@orenaksakal
Copy link

orenaksakal commented Mar 29, 2024

I encountered same problem on cloudflare pages hosted sveltekit app.

Seems like it was introduced with this bump of auth-js https://github.com/supabase/supabase-js/releases/tag/v2.41.1
and reason being cache:no-store not supported by cloudflare workers supabase/auth-js@034bee0

actuall this release introduced another problem https://github.com/supabase/auth-js/releases/tag/v2.63.0
Now you get warnings logged for

"Using supabase.auth.getSession() is potentially insecure as it loads data directly from the storage medium (typically cookies) which may not be authentic. Prefer using supabase.auth.getUser() instead. To suppress this warning call supabase.auth.getUser() before you call supabase.auth.getSession()."

Even if you are not using getSession() anywhere because SupabaseClient itself uses it

I see getAccessToken here is using getSession
https://github.dev/supabase/supabase-js/blob/6cfed0c2f958b94b0c9ff064f9e120217b6ba4ec/src/SupabaseClient.ts#L244

and its used with fetchWithAuth here
https://github.dev/supabase/supabase-js/blob/6cfed0c2f958b94b0c9ff064f9e120217b6ba4ec/src/lib/fetch.ts#L35

invoked on SupabaseClient's constructor here
https://github.dev/supabase/supabase-js/blob/6cfed0c2f958b94b0c9ff064f9e120217b6ba4ec/src/SupabaseClient.ts#L103

Downgrading the version was a work around so I'm using

"@supabase/ssr": "^0.1.0"
"@supabase/supabase-js": "^2.39.7"

to solve this problem

@davbauer
Copy link
Author

@orenaksakal

Thanks for the comment.

I tried downgrading to the from you specified supabase-js version. I also tried using other older versions of the supabase-js package and downgrading to another older wrangler version.

This sadly all resulted in the same issue for me (Wrangler Cloudflare Worker).

How can this even be possible? I am 100% sure I deleted the node_modules, .wrangler folder, and the yarn.lock file and then reinstalled the packages.

@davbauer
Copy link
Author

davbauer commented Mar 29, 2024

Remark.

Was able to temporarily fix it by specifying the auth-js version explicitly in the package.json.

{
    "@supabase/auth-js": "^2.62.0",
    "@supabase/supabase-js": "2.39.8"
    /* other packages */
}

Edit: Sometimes only including @supabase/auth-js does not fix the issue. In that case try to add the following to your package.json: (found out by: cloudflare/workerd#698 (comment))

"overrides": {
    "@supabase/auth-js": "^2.62.0"
}

@RaresAil
Copy link

I have the same issue, the latest working version for me is ^2.40.0, i think is because of bump functions-js

@raventos
Copy link

This is causing Supabase Auth not to work when deployed to Cloudflare. Reverting back to an older version of supabase-js seems to be a temporary workaround.

@nechmads
Copy link

nechmads commented Apr 1, 2024

@raventos. This is super weird. When I use that fix on a new cloudflare worker project it works and the bug is gone.
But when I do the same thing on our project, the bug still persist.
I even did git pull to a new folder and tried to run the project there and I still get the same result. I can't explain it.

@nechmads
Copy link

nechmads commented Apr 1, 2024

There is something extremely weird, I suspect it relates to how npm works.
I have a folder in which I had a new "hello world" cloudflare worker project which I added supabase to. First without the addition of "@supabase/auth-js": "^2.62.0". After adding the auth-js line, this project is working without showing the bug.

I now created a new hello world project, copied all the files from the working project to this one, and the bug returned.

I then copied the node_modules folder from the working project to the new one, and the new one started to work again.
Note that the package.json file of both projects is identical, but until I copied the actual node_modules folder, one project was working and one was failing.

@RaresAil
Copy link

RaresAil commented Apr 3, 2024

The issue is present and in version 2.42.0

@hawkcookie
Copy link

I have the same issue. How do we solve this error?

@nechmads
Copy link

nechmads commented Apr 3, 2024

For now the only solution that worked for me was to add the following to package.json:
"@supabase/auth-js": "^2.62.0", "@supabase/supabase-js": "^2.39.8",

and
"overrides": { "@supabase/auth-js": "^2.62.0" }

@hawkcookie
Copy link

hawkcookie commented Apr 3, 2024

@nechmads
Thank you, that was really helpful. There was no urgent need to upgrade supabase-js to v2.41.1, so I ran yarn remove @supabase/supabase-js and then reinstalled it with 2.39.8. After that, everything started working normally again.

@jdgamble555
Copy link

If you're using the right version of the package, you shouldn't have to override.

"@supabase/ssr": "^0.1.0",
"@supabase/supabase-js": "^2.39.8",

Version 2.39.8 will only have access to the gotrue 2.62.2 version. Just make sure to uninstall then reinstall it.

Hoping this gets fixed soon.

J

@davbauer
Copy link
Author

davbauer commented Apr 4, 2024

@jdgamble555 This might be a solution for a group of people but for @nechmads and me downgrading was for some reason not enough.

And yes I made sure to clear the package cache, regenerate a package-lock.json etc.

@nechmads
Copy link

nechmads commented Apr 4, 2024

@davbauer The solution was to also add:
"overrides": { "@supabase/auth-js": "^2.62.0" }
to package.json. That solved it. Othrwise, somehow npm sometimes still linked to the newer version.

@davbauer
Copy link
Author

davbauer commented Apr 4, 2024

@nechmads I am very well aware of that if you look at my previous/edited comments days ago.

I was just saying that for some people like you and me downgrading alone is not enough.

@patbranchaud
Copy link

"Error: The 'cache' field on 'RequestInitializerDict' is not implemented."

"@supabase/ssr": "latest",
"@supabase/supabase-js": "^2.40.0",

Cloudflare, nextjs, next-on-pages

@hf
Copy link
Contributor

hf commented Apr 16, 2024

You can override the fetch for the time being by passing an option to createSupabaseClient(), as this is a security measure in NextJS that likes to cache things too eagerly sometimes. We're looking into removing it when deemed safe.

Check the globals.fetch option https://supabase.com/docs/reference/javascript/initializing

@evwltrs
Copy link

evwltrs commented Apr 17, 2024

@hf

I tried overriding the fetch using the example in the docs and it doesn't fix the issue on SvelteKit. I'm not exactly sure what it means to override the fetch and how I should do it on SvelteKit so some extra clarification on how to use that option to fix this issue would be amazing.

I failed to notice I was using createServerClient from /ssr, which unfortunately doesn't have this option. Would appreciate some guidance on what to do then.

@yankustefan
Copy link

Hi @hf thanks for your helpful input!

The globals.fetch override works fine with createClient, but unfortunately not with createServerClient imported from @supabase/ssr, as @evwltrs has already mentioned.

I am using:

"@supabase/ssr": "^0.3.0",
"@supabase/supabase-js": "^2.42.4",
...
"@remix-run/cloudflare": "^2.8.1",
"@remix-run/cloudflare-pages": "^2.8.1",
"wrangler": "^3.50.0"

This is the error:

AuthRetryableFetchError: The 'cache' field on 'RequestInitializerDict' is not implemented.
      at _handleRequest2 (file:///xxx/node_modules/@supabase/auth-js/src/lib/fetch.ts:188:11)
      at async _request (file:///xxx/node_modules/@supabase/auth-js/src/lib/fetch.ts:151:16)
      at null.<anonymous> (async file:///xxx/.wrangler/tmp/dev-i7rAm1/functionsWorker-0.6340959581380707.js:42787:16)
      at async SupabaseAuthClient._useSession (file:///xxx/node_modules/@supabase/auth-js/src/GoTrueClient.ts:1053:14)
      at async SupabaseAuthClient._getUser (file:///xxx/node_modules/@supabase/auth-js/src/GoTrueClient.ts:1195:14)
      at null.<anonymous> (async file:///xxx/.wrangler/tmp/dev-i7rAm1/functionsWorker-0.6340959581380707.js:42773:58)
      at null.<anonymous> (async file:///xxx/.wrangler/tmp/dev-i7rAm1/functionsWorker-0.6340959581380707.js:42685:154) {
    __isAuthError: true,
    status: 0,
    code: undefined
  }
}

And also would appreciate some guidance on this.

@yankustefan
Copy link

yankustefan commented Apr 18, 2024

addition:
Using older versions as @jdgamble555 mentioned, does indeed not solve the error for me. I just get another one:

AuthApiError: invalid claim: missing sub claim

suciptoid added a commit to suciptoid/supalink that referenced this issue Apr 18, 2024
@evwltrs
Copy link

evwltrs commented Apr 18, 2024

@yankustefan

I downgraded to "@supabase/supabase-js": "2.39.7" and it solved the issue for me.
I haven't noticed the AuthApiError.

hf added a commit to supabase/auth-js that referenced this issue Apr 23, 2024
Fixes supabase/supabase-js#1001

Hopefully the NextJS caching takes in the Authorization header in the
cache key.
@raventos
Copy link

Still getting the error on "@supabase/auth-js": "^2.64.0"

@RaresAil
Copy link

Works in "@supabase/supabase-js": "^2.42.7", 👏🏻

@nechmads
Copy link

I get the same thing now with @axiomhq/js :(

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

Successfully merging a pull request may close this issue.