New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to change email, OTP verification fails. "User not found" #798
Comments
did you try it with |
email_change is mentioned here https://supabase.com/docs/reference/javascript/auth-verifyotp , you can reproduce the issue from this code
|
from looking at the docs, it does not exactly explain what it is used for, but by looking at your code, you might maybe refactor this snippet: |
I have tried
|
Did you run the code with a User you know is definitely in the Users Table in Supabase? -> Does it still fails then? |
Yes the user is in the supabase auth/user table. and it fails while |
Are you using an older version of the local development environment? I was experiencing the same issue (local dev) and fixed it by upgrading to the latest CLI and local environment. After looking through the GoTrue source I believe this was a bug in the GoTrue matches the provided (new) I initially worked around the problem by manually calculating the An incorrect OTP will generate a user not found response for the reasons mentioned. In case you want to test providing the hash manually: updated: algo and comments // Will need a lib for SHA-224
const buf = await window.crypto.subtle.digest("SHA-224", newEmail + otp);
const tokenHash = Array.from(new Uint8Array(buf))
.map((item) => item.toString(16).padStart(2, "0"))
.join("");
const { data, error } = await supabase.auth.verifyOtp({
// Should be only [type, token_hash ] or [type, email, token] on latest version
type: "email_change",
email: newEmail,
token: otp,
token_hash: tokenHash
}); For reference I'm (now) using v2.38 of the JS client and v1.106.1 of the CLI. |
@canardos , I am utilizing Spabase Cloud rather than a local CLI. Nevertheless, when attempting your solution, I encountered the following error message: code:
It expects either a "token" or a "token_hash." The issue arises when I attempt to change my email using the OTP option. When I use the link method, it functions as expected. I want to emphasize that I am certain I'm entering the correct OTP, as I've attempted it multiple times. I am using latest version of the library
|
Given you're on the latest version, I suspect you have a different issue. You could try with the |
if I try with |
Apologies, but my earlier code had the wrong algo (I'm using node ( Also, you have Finally, if you're providing the That said, it should be working with just |
@abiddraws can you please send us a support ticket at https://supabase.com/dashboard/support/new ? it will be much easier for us to figure out what went wrong here with your project details! |
@scottwyn13 it should be Line 650 in 64a926c
closing since i'm unable to reproduce this error |
Bug report
When a signed user attempts to change their email address. OTP receives to the new email. however when we try to verifyOtp I get an error saying "User not found". This is happening only when we try to change email using type: email_change. other types like signup are working fine.
To Reproduce
Steps to reproduce the behavior, please provide code snippets or a repository:
const { data, error } = await supabase.auth.updateUser({ email });
const { data, error } = await supabase.auth.verifyOtp({ token: otp, type: "email_change", email, /* new email */ });
{"name":"AuthApiError","message":"User not found","status":404}
Expected behavior
Signed user should be able to change their email with OTP verification
System information
-Browser chrome
The text was updated successfully, but these errors were encountered: