Next JS - Supabase 错误：AuthApiError：无效的刷新令牌：已使用

Question

我正在尝试在 Next JS 项目中实现 Supabase Auth

现在我遇到以下错误，该错误在以下情况下不断重复I npm run dev：

[AuthApiError: Invalid Refresh Token: Already Used]{
 __isAuthError: true,
name: 'AuthApiError',
status: 400
}

这是我的中间件.ts

import type { NextRequest } from "next/server";
import { NextResponse } from "next/server";
import { createMiddlewareClient } from "@supabase/auth-helpers-nextjs";
import { Database } from "./types";

const locales = ["en", "ar"];
const defaultLocale = "en";
const PUBLIC_FILE = /\.(.*)$/;

export async function middleware(req: NextRequest) {
  const res = NextResponse.next();
  const supabase = createMiddlewareClient<Database>({ req, res });
  const user = await supabase.auth.getSession();

  if (
    req.nextUrl.pathname.startsWith("/_next") ||
    req.nextUrl.pathname.includes("/api/") ||
    PUBLIC_FILE.test(req.nextUrl.pathname)
  ) {
    return;
  }

  const pathname = req.nextUrl.pathname;

  // Manage route protection
  const isAuthenticated = user?.data?.session?.user.role === "authenticated";

  const isLoginPage =
    pathname.startsWith("/login") || pathname.startsWith("/ar/login");

  const sensitiveRoutes = ["/", "/ar"];
  const isAccessingSensitiveRoute = sensitiveRoutes.some((route) =>
    pathname.startsWith(route),
  );

  if (isLoginPage) {
    if (isAuthenticated) {
      return NextResponse.redirect(
        new URL(`${pathname.startsWith("/ar") ? "/ar" : "/en"}/`, req.url),
      );
    }

    if (
      pathname.startsWith(`/${defaultLocale}/`) ||
      pathname === `/${defaultLocale}`
    ) {
      return NextResponse.redirect(
        new URL(
          pathname.replace(
            `/${defaultLocale}`,
            pathname === `/${defaultLocale}` ? "/" : "",
          ),
          req.url,
        ),
      );
    }
  }

  if (!isAuthenticated && isAccessingSensitiveRoute && !isLoginPage) {
    return NextResponse.redirect(
      new URL(`${pathname.startsWith("/ar") ? "/ar" : ""}/login`, req.url),
    );
  }

  // Check if the default locale is in the pathname
  if (
    pathname.startsWith(`/${defaultLocale}/`) ||
    pathname === `/${defaultLocale}`
  ) {
    // e.g. incoming request is /en/products
    // The new URL is now /products
    return NextResponse.redirect(
      new URL(
        pathname.replace(
          `/${defaultLocale}`,
          pathname === `/${defaultLocale}` ? "/" : "",
        ),
        req.url,
      ),
    );
  }

  const pathnameIsMissingLocale = locales.every(
    (locale) =>
      !pathname.startsWith(`/${locale}/`) && pathname !== `/${locale}`,
  );

  if (pathnameIsMissingLocale) {
    // We are on the default locale
    // Rewrite so Next.js understands

    // e.g. incoming request is /products
    // Tell Next.js it should pretend it's /en/products
    return NextResponse.rewrite(
      new URL(`/${defaultLocale}${pathname}`, req.url),
    );
  }
}

export const config = {
  matchter: [
    "/",
    "/login",
    "/((?!api|_next/static|_next/image|assets|favicon.ico).*)",
  ],
};

有时它会自动解决（不断重复几次然后停止）将我重定向到登录页面，有时它会不断循环此错误而不停止。