Merge pull request #455 from supabase/fix/custom-fetch-include-apikey

alaister · web-flow · commit 4562b77eb7c1 · 2022-06-07T17:11:05.000+10:00
fix: include apikey in custom fetch
diff --git a/src/SupabaseClient.ts b/src/SupabaseClient.ts
@@ -96,7 +96,7 @@ export default class SupabaseClient {
     this.auth = this._initSupabaseAuthClient(settings)
     this.realtime = this._initRealtimeClient({ headers: this.headers, ...settings.realtime })
 
-    this.fetch = fetchWithAuth(this._getAccessToken.bind(this), settings.fetch)
+    this.fetch = fetchWithAuth(supabaseKey, this._getAccessToken.bind(this), settings.fetch)
 
     this._listenForAuthEvents()
     this._listenForMultiTabEvents()
diff --git a/src/lib/fetch.ts b/src/lib/fetch.ts
@@ -23,17 +23,22 @@ export const resolveHeadersConstructor = () => {
 }
 
 export const fetchWithAuth = (
+  supabaseKey: string,
   getAccessToken: () => Promise<string | null>,
   customFetch?: Fetch
 ): Fetch => {
   const fetch = resolveFetch(customFetch)
   const HeadersConstructor = resolveHeadersConstructor()
 
   return async (input, init) => {
-    const accessToken = await getAccessToken()
+    const accessToken = (await getAccessToken()) ?? supabaseKey
     let headers = new HeadersConstructor(init?.headers)
 
-    if (!headers.has('Authorization') && accessToken) {
+    if (!headers.has('apikey')) {
+      headers.set('apikey', supabaseKey)
+    }
+
+    if (!headers.has('Authorization')) {
       headers.set('Authorization', `Bearer ${accessToken}`)
     }
 
