auth.getUser returns an error: Auth Session Missing v2.43.2

[NickG-NZ]

Bug report

• I confirm this is a bug with Supabase, not with my own application.
• I confirm I have searched the Docs, GitHub Discussions, and Discord.

Describe the bug

After upgrading from v2.38.4 to v2.43.2, calling auth.getUser in a NextJS route handler returns an AuthSessionMissing error for a logged in user (session cookie exists and is passed to the client).
It seems to be the same bug from issue #1025 that was discovered and already fixed for edge functions. In this case it is happening when using the Supabase SSR library.

To Reproduce

Steps to reproduce the behaviour, please provide code snippets or a repository:

Run await supabaseAuthClient.auth.getUser() in a NextJS route-handler (or presumably any serverless runtime using a supabase SSR client)

Expected behavior

The user is returned.

Screenshots

If applicable, add screenshots to help explain your problem.

System information

• OS: Ubuntu 22
• Browser Chromium
• Version of supabase-js: 2.43.2
• Version of Node.js: 20

Additional context

Add any other context about the problem here.

[peterje]

@NickG-NZ I also ran in to this yesterday intermittently Any resolution?

[NickG-NZ]

No resolution for us yet. We're sitting on an old version until the supabase team responds

[geoffreygarrett]

For what it's worth, I had the same error.

I manually inspected the cookies and found my cookies were not chunked correctly as [cookie-part.0, cookie-part.1] for some reason. Might be unrelated and a by-product of my cookie management, but I found: [cookie-part, cookie-part.0, cookie-part.1] where cookie-part==cookie-part.1. (yes I have sizeable cookies).

The cookie chunking algorithm, when provided with cookie-part will return cookie-part if it exists and ignore the enumerated chunks.

[vanceingalls]

@NickG-NZ which version of next.js are you on? seem to be running into the same issue with supabase-js 2.43.2 and any version of next.js above 14.0.4

[RickWoltheus]

can confirm this is also happening for me on supabase-js 2.43.4 and nextjs 14.0.4

[Donald646]

Same here I can't use .getUser() in serverless functions, or in API Routes.

[Donald646]

@RickWoltheus I'm running into the same problem. I installed the latest version, but when I downgrade it doesn't work anymore. I'm a relatively new dev, so how do I downgrade to a version that works?

[Donald646]

these are my dependencies when I run npm list.

[NickG-NZ]

these are my dependencies when I run npm list.

You haven't included your supabase-js version in the screenshot. The package that this Github issue is about (@supabase/supabase-js) should be in your dependencies.
I can't remember exactly which version breaks it, but my team is sitting on 2.38.4.

To switch to this particular version you would just run
npm install @supabase/supabase-js@2.38.4

[NickG-NZ]

@NickG-NZ which version of next.js are you on? seem to be running into the same issue with supabase-js 2.43.2 and any version of next.js above 14.0.4

We're on 14.1.4. Are you saying that running an older version of NextJS fixes it?

[Donald646]

Your screen shot isn't working for me, but when I run npm list @supabase/supabase-js doesnt appear, but I have run the install.

[NickG-NZ]

@Donald646 This is really unrelated to the current issue. Can you please try Google, GPT or StackOverflow.

[Donald646]

Going back to an older version of @supabase/supabase-js doesn't work for me. My local development is down, as users on the serverside is a core part of it. This issue has also been open for a while now, so I don't know when it's gonna be fixed.