Giters

supabase / storage-py

Home Page:https://supabase-community.github.io/storage-py/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

create_signed_url doesn't use Bearer token from sign_in

jfischoff opened this issue · comments

commented

Describe the bug
create_signed_url fails when authorization is necessary because the wrong Bearer token is being used in the request

To Reproduce
Steps to reproduce the behavior:

  1. Create a storage policy that requires a particular user to view it
  2. Use sign_in_with_password to sign in as that user
  3. Use create_signed_url to try to create a presigned url
  4. Get a 400 instead.

Expected behavior
200 and the signed url

I debugged this by running mitmproxy. The request showed the initial anon bearer token.

When I saved the failed request as a curl and replaced the bearer token with the one returned from sign_in_with_password it worked.