This repository was archived by the owner on Oct 10, 2025. It is now read-only.
This repository was archived by the owner on Oct 10, 2025. It is now read-only.
signInWithOtp - First OTP always expired #756
Description
Bug report
Describe the bug
When I use signInWithOtp, using an actual OTP and not the magic link, the first code is almost always expired when I use it in verifyOtp. Only when I request a new code (using signInWithOtp again), do I get a working one. It happens in development and production.
To Reproduce
- Sign in with OTP (this happens inside a modal dialog):
const { error } = await supabaseClient.auth.signInWithOtp({
email: email,
options: { data: { ...Object.fromEntries(gameStats) } }
});
- Verify the OTP (this happens in another modal):
const { error } = await supabaseClient.auth.verifyOtp({ email: emailToVerify, token: otp, type: "magiclink" });
- The verify method throws an error (expired OTP) -> repeat steps 1 & 2 in the exact same way, now it works (the second OTP is valid).
Expected behavior
The first OTP should work.
System information
- OS: Windows
- Browser: Chrome
- Versions:
- "@supabase/auth-helpers-nextjs": "^0.5.2"
- "@supabase/auth-helpers-react": "^0.3.1"
- "@supabase/supabase-js": "^2.2.1"
Additional context
I'm using React + NextJS together with Supabase's helper packages.