What is Session management in Supabase?

Supabasecloud~5 mins

Session management in Supabase

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

Session management helps keep users logged in safely. It remembers who you are while you use an app.

When you want users to stay logged in after they close the app.

When you need to check if a user is allowed to see certain pages.

When you want to log users out after some time for security.

When you want to refresh login tokens without asking users to sign in again.

Syntax

Supabase

const { data, error } = await supabase.auth.getSession()

const { data, error } = await supabase.auth.signInWithPassword({ email, password })

const { error } = await supabase.auth.signOut()

getSession() gets the current user session if logged in.

signInWithPassword() logs in a user with email and password.

Examples

Check if a user session exists and print it.

Supabase

const { data, error } = await supabase.auth.getSession()
console.log(data.session)

Supabase

const { data, error } = await supabase.auth.signInWithPassword({ email: 'user@example.com', password: 'secret' })
if (data.session) {
  console.log('User logged in')
}

Log out the current user.

Supabase

const { error } = await supabase.auth.signOut()
if (!error) {
  console.log('User logged out')
}

Sample Program

This program logs in a user, checks the current session, and then logs out the user. It shows how to manage user sessions step-by-step.

Supabase

import { createClient } from '@supabase/supabase-js'

const supabaseUrl = 'https://xyzcompany.supabase.co'
const supabaseKey = 'public-anonymous-key'
const supabase = createClient(supabaseUrl, supabaseKey)

async function manageSession() {
  // Sign in user
  const { data: signInData, error: signInError } = await supabase.auth.signInWithPassword({
    email: 'user@example.com',
    password: 'password123'
  })
  if (signInError) {
    console.log('Sign in error:', signInError.message)
    return
  }
  console.log('Signed in:', signInData.session !== null)

  // Get current session
  const { data: sessionData, error: sessionError } = await supabase.auth.getSession()
  if (sessionError) {
    console.log('Get session error:', sessionError.message)
    return
  }
  console.log('Current session user email:', sessionData.session?.user.email)

  // Sign out user
  const { error: signOutError } = await supabase.auth.signOut()
  if (signOutError) {
    console.log('Sign out error:', signOutError.message)
    return
  }
  console.log('User signed out successfully')
}

manageSession()

OutputSuccess

Important Notes

Always handle errors to know if login or logout fails.

Sessions keep users logged in without asking for password every time.

Use secure environment variables for your Supabase keys, not hardcoded strings.

Summary

Session management keeps track of who is logged in.

Use signInWithPassword to log in and signOut to log out.

Check current session anytime with getSession.