fix(auth): emit local stored session as the initial session (#822)

* fix(auth): emit local stored session as the initial session

* fix(auth): refresh token in background if stored session is expired

* fix: use trait for allowing users to opt in new behavior

Author: grdsdev

[email protected]

@@ -0,0 +1,215 @@
+// swift-tools-version:6.1
+// The swift-tools-version declares the minimum version of Swift required to build this package.
+
+import Foundation
+import PackageDescription
+
+let package = Package(
+  name: "Supabase",
+  platforms: [
+    .iOS(.v13),
+    .macCatalyst(.v13),
+    .macOS(.v10_15),
+    .watchOS(.v6),
+    .tvOS(.v13),
+  ],
+  products: [
+    .library(name: "Auth", targets: ["Auth"]),
+    .library(name: "Functions", targets: ["Functions"]),
+    .library(name: "PostgREST", targets: ["PostgREST"]),
+    .library(name: "Realtime", targets: ["Realtime"]),
+    .library(name: "Storage", targets: ["Storage"]),
+    .library(
+      name: "Supabase",
+      targets: ["Supabase", "Functions", "PostgREST", "Auth", "Realtime", "Storage"]
+    ),
+  ],
+  traits: [
+    .init(
+      name: "EmitLocalSessionAsInitialSession",
+      description: "Emits the local stored session as the initial session.",
+      enabledTraits: []
+    )
+  ],
+  dependencies: [
+    .package(url: "https://github.com/apple/swift-crypto.git", "1.0.0"..<"5.0.0"),
+    .package(url: "https://github.com/apple/swift-http-types.git", from: "1.3.0"),
+    .package(url: "https://github.com/pointfreeco/swift-clocks", from: "1.0.0"),
+    .package(url: "https://github.com/pointfreeco/swift-concurrency-extras", from: "1.1.0"),
+    .package(url: "https://github.com/pointfreeco/swift-custom-dump", from: "1.3.2"),
+    .package(url: "https://github.com/pointfreeco/swift-snapshot-testing", from: "1.17.0"),
+    .package(url: "https://github.com/pointfreeco/xctest-dynamic-overlay", from: "1.2.2"),
+    .package(url: "https://github.com/WeTransfer/Mocker", from: "3.0.0"),
+  ],
+  targets: [
+    .target(
+      name: "Helpers",
+      dependencies: [
+        .product(name: "ConcurrencyExtras", package: "swift-concurrency-extras"),
+        .product(name: "HTTPTypes", package: "swift-http-types"),
+        .product(name: "Clocks", package: "swift-clocks"),
+        .product(name: "XCTestDynamicOverlay", package: "xctest-dynamic-overlay"),
+      ]
+    ),
+    .testTarget(
+      name: "HelpersTests",
+      dependencies: [
+        .product(name: "CustomDump", package: "swift-custom-dump"),
+        "Helpers",
+      ]
+    ),
+    .target(
+      name: "Auth",
+      dependencies: [
+        .product(name: "ConcurrencyExtras", package: "swift-concurrency-extras"),
+        .product(name: "Crypto", package: "swift-crypto"),
+        "Helpers",
+      ]
+    ),
+    .testTarget(
+      name: "AuthTests",
+      dependencies: [
+        .product(name: "CustomDump", package: "swift-custom-dump"),
+        .product(name: "InlineSnapshotTesting", package: "swift-snapshot-testing"),
+        .product(name: "SnapshotTesting", package: "swift-snapshot-testing"),
+        .product(name: "XCTestDynamicOverlay", package: "xctest-dynamic-overlay"),
+        "Auth",
+        "Helpers",
+        "TestHelpers",
+      ],
+      exclude: [
+        "__Snapshots__"
+      ],
+      resources: [.process("Resources")]
+    ),
+    .target(
+      name: "Functions",
+      dependencies: [
+        "Helpers"
+      ]
+    ),
+    .testTarget(
+      name: "FunctionsTests",
+      dependencies: [
+        .product(name: "ConcurrencyExtras", package: "swift-concurrency-extras"),
+        .product(name: "InlineSnapshotTesting", package: "swift-snapshot-testing"),
+        .product(name: "SnapshotTesting", package: "swift-snapshot-testing"),
+        .product(name: "XCTestDynamicOverlay", package: "xctest-dynamic-overlay"),
+        "Functions",
+        "Mocker",
+        "TestHelpers",
+      ]
+    ),
+    .testTarget(
+      name: "IntegrationTests",
+      dependencies: [
+        .product(name: "CustomDump", package: "swift-custom-dump"),
+        .product(name: "InlineSnapshotTesting", package: "swift-snapshot-testing"),
+        .product(name: "XCTestDynamicOverlay", package: "xctest-dynamic-overlay"),
+        "Helpers",
+        "Supabase",
+        "TestHelpers",
+      ],
+      resources: [
+        .process("Fixtures"),
+        .process("supabase"),
+      ]
+    ),
+    .target(
+      name: "PostgREST",
+      dependencies: [
+        .product(name: "ConcurrencyExtras", package: "swift-concurrency-extras"),
+        "Helpers",
+      ]
+    ),
+    .testTarget(
+      name: "PostgRESTTests",
+      dependencies: [
+        .product(name: "InlineSnapshotTesting", package: "swift-snapshot-testing"),
+        .product(name: "SnapshotTesting", package: "swift-snapshot-testing"),
+        "Helpers",
+        "Mocker",
+        "PostgREST",
+        "TestHelpers",
+      ]
+    ),
+    .target(
+      name: "Realtime",
+      dependencies: [
+        .product(name: "ConcurrencyExtras", package: "swift-concurrency-extras"),
+        .product(name: "IssueReporting", package: "xctest-dynamic-overlay"),
+        "Helpers",
+      ]
+    ),
+    .testTarget(
+      name: "RealtimeTests",
+      dependencies: [
+        .product(name: "CustomDump", package: "swift-custom-dump"),
+        .product(name: "InlineSnapshotTesting", package: "swift-snapshot-testing"),
+        .product(name: "XCTestDynamicOverlay", package: "xctest-dynamic-overlay"),
+        "PostgREST",
+        "Realtime",
+        "TestHelpers",
+      ]
+    ),
+    .target(
+      name: "Storage",
+      dependencies: [
+        "Helpers"
+      ]
+    ),
+    .testTarget(
+      name: "StorageTests",
+      dependencies: [
+        .product(name: "CustomDump", package: "swift-custom-dump"),
+        .product(name: "InlineSnapshotTesting", package: "swift-snapshot-testing"),
+        .product(name: "XCTestDynamicOverlay", package: "xctest-dynamic-overlay"),
+        "Mocker",
+        "TestHelpers",
+        "Storage",
+      ],
+      resources: [
+        .copy("sadcat.jpg"),
+        .process("Fixtures"),
+      ]
+    ),
+    .target(
+      name: "Supabase",
+      dependencies: [
+        .product(name: "ConcurrencyExtras", package: "swift-concurrency-extras"),
+        .product(name: "IssueReporting", package: "xctest-dynamic-overlay"),
+        "Auth",
+        "Functions",
+        "PostgREST",
+        "Realtime",
+        "Storage",
+      ]
+    ),
+    .testTarget(
+      name: "SupabaseTests",
+      dependencies: [
+        .product(name: "CustomDump", package: "swift-custom-dump"),
+        .product(name: "InlineSnapshotTesting", package: "swift-snapshot-testing"),
+        "Supabase",
+      ]
+    ),
+    .target(
+      name: "TestHelpers",
+      dependencies: [
+        .product(name: "ConcurrencyExtras", package: "swift-concurrency-extras"),
+        .product(name: "InlineSnapshotTesting", package: "swift-snapshot-testing"),
+        .product(name: "XCTestDynamicOverlay", package: "xctest-dynamic-overlay"),
+        "Auth",
+        "Mocker",
+      ]
+    ),
+  ],
+  swiftLanguageModes: [.v5]
+)
+
+for target in package.targets where !target.isTest {
+  target.swiftSettings = [
+    .enableUpcomingFeature("ExistentialAny"),
+    .enableExperimentalFeature("StrictConcurrency"),
+  ]
+}

Sources/Auth/AuthClient.swift

@@ -218,9 +218,8 @@ public actor AuthClient {
   /// - Parameter listener: Block that executes when a new event is emitted.
   /// - Returns: A handle that can be used to manually unsubscribe.
   ///
-  /// - Note: This method blocks execution until the ``AuthChangeEvent/initialSession`` event is
-  /// emitted. Although this operation is usually fast, in case of the current stored session being
-  /// invalid, a call to the endpoint is necessary for refreshing the session.
+  /// - Note: The session emitted in the  ``AuthChangeEvent/initialSession`` event may have been expired
+  /// since last launch, consider checking for ``Session/isExpired``. If this is the case, then expect a ``AuthChangeEvent/tokenRefreshed`` after.
   @discardableResult
   public func onAuthStateChange(
     _ listener: @escaping AuthStateChangeListener
@@ -1393,8 +1392,36 @@ public actor AuthClient {
   }
 
   private func emitInitialSession(forToken token: ObservationToken) async {
-    let session = try? await session
-    eventEmitter.emit(.initialSession, session: session, token: token)
+    #if EmitLocalSessionAsInitialSession
+      guard let currentSession else {
+        eventEmitter.emit(.initialSession, session: nil, token: token)
+        return
+      }
+
+      eventEmitter.emit(.initialSession, session: currentSession, token: token)
+
+      Task {
+        if currentSession.isExpired {
+          _ = try? await sessionManager.refreshSession(currentSession.refreshToken)
+          // No need to emit `tokenRefreshed` nor `signOut` event since the `refreshSession` does it already.
+        }
+      }
+    #else
+      let session = try? await session
+      eventEmitter.emit(.initialSession, session: session, token: token)
+
+      logger?.warning(
+        """
+        Initial session emitted after attempting to refresh the local stored session.
+        This is incorrect behavior and will be fixed in the next major release since it’s a breaking change.
+        For now, if you want to opt-in to the new behavior, add the trait `EmitLocalSessionAsInitialSession` to your Package.swift file when importing the Supabase dependency.
+        The new behavior ensures that the locally stored session is always emitted, regardless of its validity or expiration.
+        If you rely on the initial session to opt users in, you need to add an additional check for `session.isExpired` in the session.
+
+        Check https://github.com/supabase/supabase-swift/pull/822 for more information.
+        """
+      )
+    #endif
   }
 
   nonisolated private func prepareForPKCE() -> (