failed to get_session after create_client by accees_token as supabase_key

[Atticuszz]

Describe the bug

# access_token from AuthResponse.session.access_token  by sign in from somewhere
async def get_db(access_token: AccessTokenDep) -> AsyncClient:
    client: AsyncClient | None = None
    try:
        client = await create_client(
            settings.SUPABASE_URL,
            access_token,
            options=ClientOptions(
                postgrest_client_timeout=10, storage_client_timeout=10
            ),
        )
        session = await client.auth.get_session()
        # client.postgrest.auth(token=access_token)
        user = await client.auth.get_user()
        yield client
    except Exception as e:
        logging.error(e)
        raise HTTPException(status_code=401, detail=e)
    finally:
        if client:
            await client.auth.sign_out()

session = await client.auth.get_session(),session got None unless i signed in with password etc

in short ,it should be able to recognize the access token from front_end after signed in , create_client with the access token as supabase_key should work for it

To Reproduce
just called

async def create_client(
    supabase_url: str,
    supabase_key: str,
    options: ClientOptions = ClientOptions(),
) -> AsyncClient:
    ....
    return await AsyncClient.create(
        supabase_url=supabase_url, supabase_key=supabase_key, options=options
    )

@classmethod
    async def create(
        cls,
        supabase_url: str,
        supabase_key: str,
        options: ClientOptions = ClientOptions(),
    ):
        client = cls(supabase_url, supabase_key, options)
        client._auth_token = await client._get_token_header()
        return client

add break point at client._auth_token = await client._get_token_header()
you will find that client._auth_token set to None!!!,which means the @property def postgrest(self): can not be inited correctly by access_token

self._auth_token = {
            "Authorization": f"Bearer {supabase_key}",
        }
``

**Expected behavior**
```python
    async def _get_token_header(self):
        try:
            session = await self.auth.get_session()
            access_token = session.access_token
        except Exception as err:
            access_token = self.supabase_key

        return self._create_auth_header(access_token)

client._auth_token = await client._get_token_header()
the first time after called get_session() should return the correct session like client.auth.get_user(jwt),it works

Desktop (please complete the following information):

• OS: win
• Version v 2.3.3

[silentworks]

before v2.3.3,there is no client._auth_token = await client._get_token_header()

This isn't correct as we introduced this before 2.3.3. Also the reproducible steps you've provided isn't complete. Please create a full reproducible example as its really hard to debug with partials. Also note I have 2.3.3 running in multiple demos.

The quoted functionality has been there since 2.2.0 https://github.com/supabase-community/supabase-py/blob/v2.2.0/supabase/_async/client.py#L94-L103

[silentworks]

Also note get_session() would return null either way since you aren't technically signed in, you're just passing the user's access token to the client. You would probably have to call set_session() in order to get a value back when calling get_session().

[Atticuszz]

sorry to bother u ! i think i am too sleepy yesterday that misundertand the version🌹
i got it thanks! ur correct,after just passed the access_token to called get_session() which should return None

Also there's no description in web doc about get_session(),maybe should add more

and can only pass access_token to set_session()?

doc said should passed togehter i do test and it's true in the project,
GPT4 always warns that not safe to pass refresh token every time😂,we hope to be able to recognize the user session by only the access token from front_end🫶

if we can achive that,then could we create_client() via accees_token as supabase_key? let get_session() works just passed it,which it's suitable for Front-end and back-end separation project i think.

[silentworks]

@Atticuszz these are very good ideas, I'm going to add them to the list of things to get done and add them in when I get a chance or you can create a PR if you wish and I'll get them reviewed.

[silentworks]

This PR should have resolved this issue #766.

[silentworks]

Closing this out as I believe it has been resolved.