N
Nuxt7mo ago
roga

Interesting problem with my audit trail...

In an app I built, I'm using the Supabase Nuxt module to get user metadata or email address and I'm using it to create an audit trail when I create an entity in my database. 
  const bodyData = await readBody(event);
  const user = await serverSupabaseUser(event);
  const userName = user?.user_metadata.name || user?.email || 'unknown';
  const bodyData = await readBody(event);
  const user = await serverSupabaseUser(event);
  const userName = user?.user_metadata.name || user?.email || 'unknown';
The problem is that sometimes it was returning someone elses information entirely. I observed the bug first-hand and I couldn't really explain what was happening. For some API routes, I was using a useAuth.ts function I created in my server-side utils folder that looked like this. 
// server/utils/useAuth.ts
import { serverSupabaseUser } from '#supabase/server';
import type { H3Event, EventHandlerRequest } from 'h3';

export default async function useAuth(event: H3Event<EventHandlerRequest>, handleError: (statusCode: number, statusMessage: string, error?: any) => {}): string {
  const user = await serverSupabaseUser(event);
  if (!user) return handleError(401, 'unauthorized');
  return user.user_metadata?.name || user?.email || 'unknown';
}
// server/utils/useAuth.ts
import { serverSupabaseUser } from '#supabase/server';
import type { H3Event, EventHandlerRequest } from 'h3';

export default async function useAuth(event: H3Event<EventHandlerRequest>, handleError: (statusCode: number, statusMessage: string, error?: any) => {}): string {
  const user = await serverSupabaseUser(event);
  if (!user) return handleError(401, 'unauthorized');
  return user.user_metadata?.name || user?.email || 'unknown';
}
I'm deploying to Vercel and I was curious if the util was somehow being reused by different users, capturing the wrong user details and retaining it. I don't understand how, but I'm very perplexed as to how the wrong user information is consistently inserting itself into my audit trail... Any ideas?
0 Replies
No replies yetBe the first to reply to this messageJoin
Want results from more Discord servers?
Add your server