are you using local development? If so
are you using local development? If so maybe you can switch to cloud. Or u can simply add a 50ms or 100ms delay to fetch the auth data i believe it will work for you too. π
6 Replies
I'm using the cloud dev env, not a docker compose image. Exactly as in the repo linked above. (I'll update the readme to give the run instructions.)
To be honest, I don't know how a delay of 100ms would explain why it works with convex.setAuth, but not with ConvexProviderWithAuth π
Hey Antoine, I dug into your repo and found some thing.
The issue is in ConvexAuthState.js - both useEffect hooks have authProviderLoading in their dependency arrays. Here's what happens:
1 . Server confirms that the cached token is valid.
2. SDK calls refetchToken() with forceRefreshToken set to true.
3. Your useJwtAuth sets isLoading to true.
4. This triggers the useEffect to re-run (because authProviderLoading changed).
5. Cleanup runs β client.setAuth gets called again β loop. The fix: Remove authProviderLoading from both useEffect dependency arrays in node_modules/convex/dist/esm/react/ConvexAuthState.js. This explains why convex.setAuth works - it bypasses ConvexProviderWithAuth entirely, so there's no useEffect reacting to loading state changes. I'm still not 100% sure why authProviderLoading was included in the deps in the first place - maybe for some edge case I haven't figured out yet. But removing it stops the infinite loop and auth still works correctly. π
2. SDK calls refetchToken() with forceRefreshToken set to true.
3. Your useJwtAuth sets isLoading to true.
4. This triggers the useEffect to re-run (because authProviderLoading changed).
5. Cleanup runs β client.setAuth gets called again β loop. The fix: Remove authProviderLoading from both useEffect dependency arrays in node_modules/convex/dist/esm/react/ConvexAuthState.js. This explains why convex.setAuth works - it bypasses ConvexProviderWithAuth entirely, so there's no useEffect reacting to loading state changes. I'm still not 100% sure why authProviderLoading was included in the deps in the first place - maybe for some edge case I haven't figured out yet. But removing it stops the infinite loop and auth still works correctly. π
Good to read you found something. π
If there is a edge case, maybe it's related to one of the supported auth providers (Clerk, WorkOS or Auth0)? My understanding is that the ConvexProviderWithAuth hook is used for them too.
Is the fix expected to be released in an incoming version of the client?
I guess? I've been looking into this topic for a long while but didn't get much useful information. Hoping the convex team will put more effort into authentication-related topics.
btw I am using workos for authentication. workos and clerk are much easier, and the custom JWT works well. I think switching to workos makes my life not that miserableπ₯²
Oh I assumed you were part of the team, because of the "cvx" badge. My bad.
Mmmh, maybe I can email their support in that case. π€
And thanks for the advice. I will definitely consider them for new projects (I already had a quick look at Clerk, and it looks great). π
For my current one, I cannot, the next app is added beside an existing Ruby on Rails app that brings its own auth (named devise), and we have all our users there, a back-office, a sync with hubspot...
In 14 years of dev, I haven't seen a single (real) project where the auth was easy, and this one is no exception. π
Haha, sorry for the confusion. I am just a random guy who loves Convex a lot, so I put that badge on.
I have the same experience with auth. I think it is the most painful part of all my projects, especially since every client has different weird needs.
But the experience with Convex auth is the most frustrating, especially since they make the development process much easier compared to other frameworks or tools. The painful parts are even more painful. And the official best practices just don't work, which makes me even sadder.
Anyways, I hope your projects went well!!!π π It is nice to discuss with you XD