Skip to content

parity(auth): verifyOtp() for email_change returns null user/session; signUp() returns user without session [from supabase-js] #259

Description

@grdsdev

SDK Parity: C# implementation needed

Reference Implementation (supabase-js)

What Changed

Fix 1 — VerifyOtp(type: EmailChange): During two-step secure email change, GoTrue returns { msg, code } (200 OK) after the first confirmation. This is NOT a session — SDK must return AuthResponse { User = null, Session = null }, not treat {msg, code} as a User.

Fix 2 — SignUp() with confirmation: GoTrue returns the bare user without access_token when confirmation is required. SDK must return AuthResponse { User = <User>, Session = null }.

Code Reference

// Detection logic:
const user = data.user ?? (typeof data?.id === 'string' ? (data as User) : null)

Acceptance Criteria

  • VerifyOtp(EmailChange) returns null User/Session for partial {msg,code} response
  • SignUp() returns User when confirmation required
  • Tests cover both cases

Context


Generated with Claude Code /sync-sdk-parity

Metadata

Metadata

Assignees

Labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions