Get up to date with the SB SK guide: https://supabase.com/docs/guides…

…/auth/server-side/sveltekit Supress warnings that are not needed: supabase/auth-js#888 (comment)
CriticalMoments · Aug 29, 2024 · c8eb9ed · c8eb9ed
1 parent eacd3af
commit c8eb9ed
Show file tree

Hide file tree

Showing 5 changed files with 41 additions and 16 deletions.
diff --git a/src/hooks.server.ts b/src/hooks.server.ts
@@ -14,18 +14,16 @@ export const handle: Handle = async ({ event, resolve }) => {
     PUBLIC_SUPABASE_ANON_KEY,
     {
       cookies: {
-        get: (key) => event.cookies.get(key),
+        getAll: () => event.cookies.getAll(),
         /**
-         * Note: You have to add the `path` variable to the
-         * set and remove method due to sveltekit's cookie API
-         * requiring this to be set, setting the path to an empty string
-         * will replicate previous/standard behaviour (https://kit.svelte.dev/docs/types#public-types-cookies)
+         * SvelteKit's cookies API requires `path` to be explicitly set in
+         * the cookie options. Setting `path` to `/` replicates previous/
+         * standard behavior.
          */
-        set: (key, value, options) => {
-          event.cookies.set(key, value, { ...options, path: "/" })
-        },
-        remove: (key, options) => {
-          event.cookies.delete(key, { ...options, path: "/" })
+        setAll: (cookiesToSet) => {
+          cookiesToSet.forEach(({ name, value, options }) => {
+            event.cookies.set(name, value, { ...options, path: "/" })
+          })
         },
       },
     },
@@ -37,6 +35,16 @@ export const handle: Handle = async ({ event, resolve }) => {
     { auth: { persistSession: false } },
   )
 
+  // https://github.com/supabase/auth-js/issues/888#issuecomment-2189298518
+  if ("suppressGetSessionWarning" in event.locals.supabase.auth) {
+    // @ts-expect-error - suppressGetSessionWarning is not part of the official API
+    event.locals.supabase.auth.suppressGetSessionWarning = true
+  } else {
+    console.warn(
+      "SupabaseAuthClient#suppressGetSessionWarning was removed. See https://github.com/supabase/auth-js/issues/888.",
+    )
+  }
+
   /**
    * Unlike `supabase.auth.getSession()`, which returns the session _without_
    * validating the JWT, this function also calls `getUser()` to validate the

diff --git a/src/routes/(admin)/account/+layout.server.ts b/src/routes/(admin)/account/+layout.server.ts
@@ -3,6 +3,7 @@ import type { LayoutServerLoad } from "./$types"
 
 export const load: LayoutServerLoad = async ({
   locals: { supabase, safeGetSession },
+  cookies,
 }) => {
   const { session, user } = await safeGetSession()
 
@@ -16,5 +17,5 @@ export const load: LayoutServerLoad = async ({
     .eq("id", user?.id)
     .single()
 
-  return { session, profile }
+  return { session, profile, cookies: cookies.getAll() }
 }
diff --git a/src/routes/(admin)/account/+layout.ts b/src/routes/(admin)/account/+layout.ts
@@ -25,17 +25,31 @@ export const load = async ({ fetch, data, depends, url }) => {
           fetch,
         },
         cookies: {
-          // TODO: does not match latest supabase guide
-          get() {
-            return JSON.stringify(data.session)
+          getAll() {
+            return data.cookies
           },
         },
       })
 
+  /**
+   * It's fine to use `getSession` here, because on the client, `getSession` is
+   * safe, and on the server, it reads `session` from the `LayoutData`, which
+   * safely checked the session using `safeGetSession`.
+   * Source: https://supabase.com/docs/guides/auth/server-side/sveltekit
+   */
   const {
     data: { session },
   } = await supabase.auth.getSession()
 
+  // https://github.com/supabase/auth-js/issues/888#issuecomment-2189298518
+  if ("suppressGetSessionWarning" in supabase.auth) {
+    // @ts-expect-error - suppressGetSessionWarning is not part of the official API
+    supabase.auth.suppressGetSessionWarning = true
+  } else {
+    console.warn(
+      "SupabaseAuthClient#suppressGetSessionWarning was removed. See https://github.com/supabase/auth-js/issues/888.",
+    )
+  }
   const {
     data: { user },
   } = await supabase.auth.getUser()

diff --git a/src/routes/(marketing)/login/+layout.server.ts b/src/routes/(marketing)/login/+layout.server.ts
@@ -4,6 +4,7 @@ import type { LayoutServerLoad } from "./$types"
 export const load: LayoutServerLoad = async ({
   url,
   locals: { safeGetSession },
+  cookies,
 }) => {
   const { session } = await safeGetSession()
 
@@ -15,5 +16,6 @@ export const load: LayoutServerLoad = async ({
   return {
     session: session,
     url: url.origin,
+    cookies: cookies.getAll(),
   }
 }
diff --git a/src/routes/(marketing)/login/+layout.ts b/src/routes/(marketing)/login/+layout.ts
@@ -22,8 +22,8 @@ export const load = async ({ fetch, data, depends }) => {
           fetch,
         },
         cookies: {
-          get() {
-            return JSON.stringify(data.session)
+          getAll() {
+            return data.cookies
           },
         },
       })