Unable to change recovery redirect

Question

Unable to change recovery redirect

buidles opened this issue a year ago · 1 comments

Not sure if this is the best place to ask, apologies if not.

I need a bit of guidance in setting up the forgotten password functionality correctly. The forgotten password form sends an email which can be seen in Inbucket (I'm using a local installation of Supabase for development).

When I click on the link in the email the URL is http://localhost/auth/v1/verify?token=pkce_7ca51de7cf50d3aa016b59ca0a019609a0d46eb6c1c329138e2889e3&type=recovery&redirect_to=http://localhost:5173/

The first issue is that http://localhost/auth... should be http://localhost:54321/auth... - I don't think this is much of an issue though as I'm sure the correct url will be used once the hosted version of Supabase is used.

However what is important is being able to change the redirect URL - I need it to be the URL of where my update password form is which is http://localhost:5173/auth/update-password. Where can this be done?

Update

I should add that the redirectTo prop value is ignored.

Update

I have edited the config.toml file with the following values and restarted supabase - still the same issue though.

site_url = "http://localhost:5173"
additional_redirect_urls = ["http://localhost:5173/auth/callback","http://localhost:5173/auth/update-password"]

Update

The redirect issue has been solved - the value I was feeding to the prop was using a variable that was not actually outputting what I thought it was and was not an actual url so the root url was used.

The email link now contains the correct redirect url, however there is now a loop - I have an onAuthStateChange listening for SIGNED_IN event - when that happens the user is redirected to the home page. So when the user is automatically logged in after clicking the email link this event is triggered and the user is redirected to the home page instead of the redirect url.

From reading the docs it seems a PASSWORD_RECOVERY event should be fired - it isn't. Maybe this is a bug in my local Supabase. I think the only way forward with this is to make use of the hosted version and go from there. I have to say that the reason I opted to use Supabase was to make things easier, but setting up this auth is a pretty painful experience.

Answer 1 · 2023-12-24T11:35:58.000Z

I had the same problem(s) and just figured out that one can use the USER_UPDATED event:

supabase.auth.onAuthStateChange((event, newSession) => {
   if (event == "USER_UPDATED") router.push("/");
 });