@@ -3,7 +3,7 @@ import { createClient } from '@supabase/supabase-js';
33// These should be in your .env file
44const supabaseUrl = import . meta. env . VITE_SUPABASE_URL || '' ;
55// Use the new publishable key format instead of the deprecated anon key
6- const supabasePublishableKey = import . meta. env . VITE_SUPABASE_PUBLISHABLE_KEY || import . meta . env . VITE_SUPABASE_ANON_KEY || '' ;
6+ const supabasePublishableKey = import . meta. env . VITE_SUPABASE_PUBLISHABLE_KEY || '' ;
77
88// Debug: Log the configuration (remove in production)
99if ( ! supabaseUrl || ! supabasePublishableKey ) {
@@ -69,7 +69,7 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
6969 }
7070 // Check if this is a token refresh request
7171 const isTokenRefresh = typeof url === 'string' && url . includes ( '/auth/v1/token?grant_type=refresh_token' ) ;
72-
72+
7373 // If we're rate limited and this is a token refresh, skip it
7474 if ( isTokenRefresh && rateLimitedUntil > Date . now ( ) ) {
7575 console . log ( '🔐 Skipping token refresh due to rate limit, waiting' , Math . ceil ( ( rateLimitedUntil - Date . now ( ) ) / 1000 ) , 'seconds' ) ;
@@ -99,7 +99,7 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
9999 // If no stored session, return a network error to avoid sign out
100100 throw new Error ( 'Rate limited - using cached session' ) ;
101101 }
102-
102+
103103 // Check if this is an Edge Function call
104104 const isEdgeFunction = typeof url === 'string' && url . includes ( '/functions/v1/' ) ;
105105
@@ -178,21 +178,21 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
178178 cache : 'no-cache'
179179 } ) ;
180180 clearTimeout ( timeoutId ) ;
181-
181+
182182 // Handle 401 Unauthorized errors by triggering token refresh
183183 if ( response . status === 401 && ! isTokenRefresh ) {
184184 console . log ( '🔐 API call returned 401, triggering token refresh...' ) ;
185-
185+
186186 // Try to refresh the token using refreshSession which forces an actual refresh
187187 try {
188188 const refreshResponse = await supabase . auth . refreshSession ( ) ;
189189 if ( refreshResponse . data . session && ! refreshResponse . error ) {
190190 console . log ( '🔐 Token refreshed after 401, retrying original request...' ) ;
191-
191+
192192 // Update the authorization header with the new token
193193 const updatedHeaders = new Headers ( options . headers || { } ) ;
194194 updatedHeaders . set ( 'Authorization' , `Bearer ${ refreshResponse . data . session . access_token } ` ) ;
195-
195+
196196 // Retry the original request with the new token
197197 const retryResponse = await fetch ( url , {
198198 ...options ,
@@ -201,7 +201,7 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
201201 credentials : 'same-origin' ,
202202 cache : 'no-cache'
203203 } ) ;
204-
204+
205205 return retryResponse ;
206206 } else {
207207 console . error ( '🔐 Token refresh failed:' , refreshResponse . error ) ;
@@ -210,24 +210,24 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
210210 console . error ( '🔐 Failed to refresh token after 401:' , refreshError ) ;
211211 }
212212 }
213-
213+
214214 // Immediately check for 429 rate limit on token refresh BEFORE returning
215215 if ( response . status === 429 && isTokenRefresh ) {
216216 // Set the flag IMMEDIATELY
217217 ( window as any ) . __supabaseRateLimited = true ;
218218 // Set rate limit for 30 seconds
219219 rateLimitedUntil = Date . now ( ) + 30000 ;
220220 console . error ( '🔐 Token refresh rate limited! Backing off for 30 seconds' ) ;
221-
221+
222222 // Set a global flag so components know we're rate limited
223223 ( window as any ) . __supabaseRateLimited = true ;
224-
224+
225225 // Clear the rate limit after the timeout
226226 setTimeout ( async ( ) => {
227227 rateLimitedUntil = 0 ;
228228 ( window as any ) . __supabaseRateLimited = false ;
229229 console . log ( '🔐 Rate limit cleared, token refresh can resume' ) ;
230-
230+
231231 // Try to restore the session if auth state was lost
232232 try {
233233 const authState = ( await import ( './auth' ) ) . useAuth . getState ( ) ;
@@ -236,7 +236,7 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
236236 const supabaseUrl = import . meta. env . VITE_SUPABASE_URL || '' ;
237237 const storageKey = `sb-${ supabaseUrl . split ( '//' ) [ 1 ] . split ( '.' ) [ 0 ] } -auth-token` ;
238238 const storedSession = localStorage . getItem ( storageKey ) ;
239-
239+
240240 if ( storedSession ) {
241241 try {
242242 const sessionData = JSON . parse ( storedSession ) ;
@@ -255,7 +255,7 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
255255 timeUntilExpiry = sessionData . expires_at - now ;
256256 }
257257 }
258-
258+
259259 // If session is still valid for more than 5 minutes, restore it
260260 if ( timeUntilExpiry > 300 ) {
261261 console . log ( '🔐 Restoring auth state after rate limit' ) ;
@@ -275,7 +275,7 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
275275 console . error ( 'Error restoring auth state after rate limit:' , error ) ;
276276 }
277277 } , 30000 ) ;
278-
278+
279279 // Return a fake successful response with the current session to prevent sign out
280280 const storageKey = `sb-${ supabaseUrl . split ( '//' ) [ 1 ] . split ( '.' ) [ 0 ] } -auth-token` ;
281281 const storedSession = localStorage . getItem ( storageKey ) ;
@@ -299,7 +299,7 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
299299 }
300300 }
301301 }
302-
302+
303303 return response ;
304304 } catch ( error ) {
305305 clearTimeout ( timeoutId ) ;
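Review bot: With the `VITE_SUPABASE_ANON_KEY` fallback removed at new line 6 of the first hunk, an environment that still defines only the old variable resolves `supabasePublishableKey` to `''`, and the hunk headers show that value going straight into `createClient(supabaseUrl, supabasePublishableKey, …)`. The guard at new line 9 opens inside the hunk but its body is not visible, and the comment above it calls it debug logging, so it may not stop initialisation. I would fail closed rather than default to an empty string, for example `if (!supabaseUrl || !supabasePublishableKey) throw new Error('Missing VITE_SUPABASE_URL or VITE_SUPABASE_PUBLISHABLE_KEY');`, so a stale deployment breaks at startup instead of presumably surfacing later as 401s that drive the refresh-and-retry path further down. Because `VITE_`-prefixed variables are compiled into the client bundle, a comment such as `// Publishable key only: never put a secret or service-role key in a VITE_ variable` would also help here. The other hunks in this file change only whitespace.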