Subscribes to important events occurring on the user's session.
Emitted events:
INITIAL_SESSION
Emitted right after the Supabase client is constructed and the initial session from storage is loaded.
SIGNED_IN
Emitted each time a user session is confirmed or re-established, including on user sign in.
Avoid making assumptions as to when this event is fired, this may occur even when the user is already signed in. Instead, check the user object attached to the event to see if a new user has signed in and update your application's UI.
SIGNED_OUT
Emitted when the user signs out. This can be after:
A call to supabase.auth.signOut().
After the user's session has expired for any reason:
User has signed out on another device.
The session has reached its timebox limit or inactivity timeout.
User has signed in on another device with single session per user enabled.
Use this to clean up any local storage your application has associated with the user.
TOKEN_REFRESHED
Emitted each time a new access and refresh token are fetched for the signed in user.
It's best practice and highly recommended to extract the access token (JWT) and store it in memory for further use in your application.
Avoid frequent calls to supabase.auth.session for the same purpose.
There is a background process that keeps track of when the session should be refreshed so you will always receive valid tokens by listening to this event.
The frequency of this event is related to the JWT expiry limit configured on your project.
USER_UPDATED
Emitted each time the supabase.auth.update(user:) method finishes successfully. Listen to it to update your application's UI based on new profile information.
PASSWORD_RECOVERY
Emitted instead of the SIGNED_IN event when the user lands on a page that includes a password recovery link in the URL.