Files
supabase/apps/reference/_supabase_js/generated/auth-setsession.mdx
2022-08-16 14:18:14 +08:00

111 lines
2.9 KiB
Plaintext

---
id: auth-setsession
title: 'setSession()'
slug: /auth-setsession
custom_edit_url: https://github.com/supabase/supabase/edit/master/spec/supabase_js_v2_legacy.yml
---
import Tabs from '@theme/Tabs'
import TabItem from '@theme/TabItem'
Sets the session data from refresh_token and returns current session or an error if the refresh_token is invalid.
```js
function apiFunction(req, res) {
// Assuming the access token was sent as a header "X-Supabase-Auth"
const { access_token } = req.get('X-Supabase-Auth')
// You can now use it within a Supabase Client
const supabase = createClient("https://xyzcompany.supabase.co", "public-anon-key")
const { user, error } = supabase.auth.setAuth(access_token)
// This client will now send requests as this user
const { data } = await supabase.from('your_table').select()
}
```
## Parameters
<ul className="method-list-group">
<li className="method-list-item">
<h4 className="method-list-item-label">
<span className="method-list-item-label-name">
refresh_token
</span>
<span className="method-list-item-label-badge required">
required
</span>
<span className="method-list-item-validation">
<code>string</code>
</span>
</h4>
<div class="method-list-item-description">
The refresh token returned by gotrue.
</div>
</li>
</ul>
## Examples
### Basic example.
This is most useful on server-side functions where you cannot log the user in, but have access to the user's access token.
```js
function apiFunction(req, res) {
// Assuming the access token was sent as a header "X-Supabase-Auth"
const { access_token } = req.get('X-Supabase-Auth')
// You can now use it within a Supabase Client
const supabase = createClient("https://xyzcompany.supabase.co", "public-anon-key")
const { user, error } = supabase.auth.setAuth(access_token)
// This client will now send requests as this user
const { data } = await supabase.from('your_table').select()
}
```
### With Express.
```js
/**
* Make a request from the client to your server function
*/
async function makeApiRequest() {
const token = newClient.session()?.access_token
await fetch('https://example.com/withAuth', {
method: 'GET',
withCredentials: true,
credentials: 'include',
headers: {
'Content-Type': 'application/json',
Authorization: bearer, // Your own auth
'X-Supabase-Auth': token, // Set the Supabase user
},
})
}
/**
* Use the Auth token in your server-side function.
*/
async function apiFunction(req, res) {
const { access_token } = req.get('X-Supabase-Auth')
// You can now use it within a Supabase Client
const supabase = createClient(
'https://xyzcompany.supabase.co',
'public-anon-key'
)
const { user, error } = supabase.auth.setAuth(access_token)
// This client will now send requests as this user
const { data } = await supabase.from('your_table').select()
}
```