I wish to only allow GitHub and OTP auth in my Supabase app

is there a way to change what gets shown here from dgnvviqfnfrqdxuwuyrm to the base URL or something more recognizable?

So I tried this approach - https://github.com/supabase-community/supabase-custom-claims/blob/main/install.sql and discovered that since the set_claim function does not return a trigger it wouldn't show up in the studio. so I rewrote it

CREATE OR REPLACE FUNCTION set_claim() RETURNS TRIGGER AS $$
BEGIN
  NEW.raw_app_meta_data = NEW.raw_app_meta_data || jsonb_build_object('role', 'USER');
  RETURN NEW;
END;
$$ LANGUAGE plpgsql;

any thoughts on the pros/cons of the new rewrite. seems to get the job done.

Once I login with my google account there is no way changing it. Clicking on login with google button logins my previous google account and I do not see accounts selection page again. Firefox works fine. Deleting cache and cookies did nothing. Any idea? I am on next js 13.4.4

Should it be possible to generate a signed upload url using a service_role key on the server without any particular policies defined? The following code on a NextJS server side route fails with error

StorageApiError: The resource was not found

.

const { data, error } = await supabase.storage
    .from("user-files")
    .createSignedUploadUrl(filename);

supabase

is an instance of the Supabase client initialized with the service role key as follows...

import { createClient } from '@supabase/supabase-js'

const supabase = createClient(supabase_url, service_role_key, {
  auth: {
    autoRefreshToken: false,
    persistSession: false
  }
})

Looking at the error logs for the Supabase Storage container running locally on Docker I see the following error...

DatabaseError: failed to retrieve bucket
    at new DatabaseError (/app/dist/storage/errors.js:22:28)
    at Database.<anonymous> (/app/dist/storage/database.js:105:35)
    at step (/app/dist/storage/database.js:33:23)
    at Object.next (/app/dist/storage/database.js:14:53)
    at fulfilled (/app/dist/storage/database.js:5:58)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
  status: 406,
  postgresError: {
    code: 'PGRST116',
    details: 'Results contain 0 rows, application/vnd.pgrst.object+json requires 1 row',
    hint: null,
    message: 'JSON object requested, multiple (or no) rows returned'
  },
  metadata: { bucketId: 'upload' }
}

Weird because the list operation on the same bucket works fine, not sure why bucketId is "upload" in the metadata section above either. Anybody have any ideas?

Hi everyone, I’m trying to put a storage limit on users’s accounts, so that they can only upload a certain amount of items until their space runs out. And I’m trying to make that amount free up when they delete items. I know I can make a column with how many gigabytes they have in their plan, but how can I actually enforce it with storage? The way it’s currently setup, every user only has access to a folder with their user Id on it. Thanks in advance for the help!

Hello everyone, I need help that. I've added github login on my website but can't find how can i create a condition with session. I use typescript btw my github login component:

ts
"use client";
import { createClientComponentClient } from "@supabase/auth-helpers-nextjs";
import { Session } from "@supabase/supabase-js";
import { useRouter } from "next/navigation";

async function AddCommment() {
  const supabase = createClientComponentClient();
  const router = useRouter();

  async function signInWithGitHub() {
    const { data, error } = await supabase.auth.signInWithOAuth({
      provider: "github",
    });
  }

  const handleSignOut = async () => {
    await supabase.auth.signOut();
    router.refresh();
  };

  return (
    <div className="mt-10">
      <button
        onClick={() => {
          signInWithGitHub();
        }}
      >
        Sign In
      </button>
      {/* if user logged in */}
      <button onClick={handleSignOut}>Sign Out</button>
    </div>
  );
}

export default AddCommment;

Hi, As the title implies, the restoration process is taking almost a day to restore the project and the amount of data is really low. I don't want to delete the project since I've defined schemas, triggers, etc... What do I do?

Hi, new user here 👋 I am trying to setup a project with a single table such that * any user accessing my project from their browser can perform a

SELECT

(they do not need to login) * users will never write to the database * there is a GCP Cloud Function that performs a

DELETE

and

INSERT

to my table Given this setup, should I use the

service_role

API key for my Cloud Function? Or would it make more sense to setup a custom role? If the latter is the case, I suppose I would have to setup a policy that checks for a predefined

email

field, and also handle refreshing the JWTs every once in a while. I didn't really see a section for service accounts in the docs, so I wanted to know how other people would handle this setup. Thanks in advance 🙏

am getting this error that i cant seem to find a solution for [AuthRetryableFetchError: Network request failed]

theres no info on how to bring this up

This is my code right now

const queryCC = async (query) => {
        try {
            let { data, error } = await supabase
                .from('cc')
                .select(`*, champions ( id, name ), roles ( id, role )`)
                .gte("currentrank", query.rank ? query.rank.id : 1)
                .contains("champions", [query.champion.id])
                ;
            cc = data;
        } catch (err) {
            console.log(err);
        }
    };

I have the tables "cc", "champions", "roles", "championRelations", "roleRelations". I want to get all the rows where "championsRelations" contains the specified champion. How do I do that? My .contains doesn't seem to work.

So to create a fresh local environment, I deleted my supabase volumes, containers and images from docker desktop and ran supabase start. The images got downloaded but the containers wont boot up. I have this log

running migrations
(node:1) NOTE: We are formalizing our plans to enter AWS SDK for JavaScript (v2) into maintenance mode in 2023.

Please migrate your code to use AWS SDK for JavaScript (v3).
For more information, check the migration guide at https://a.co/7PzMCcy
(Use `node --trace-warnings ...` to show where the warning was created)
finished migrations
supabase_pg_meta_projectjuniper container logs:

> @supabase/postgres-meta@0.0.0-automated start
> node dist/server/server.js

(node:52) ExperimentalWarning: Importing JSON modules is an experimental feature. This feature could change at any time
(Use `node --trace-warnings ...` to show where the warning was created)
supabase_studio_projectjuniper container logs:
info  - Loaded env from /app/studio/.env
Listening on port 3000
Error: service not healthy: [realtime-dev.supabase_realtime_projectjuniper supabase_storage_projectjuniper supabase_pg_meta_projectjuniper supabase_studio_projectjuniper]

This is my code

const queryCC = async (query) => {
        try {
            let { data, error } = await supabase
                .from('cc')
                .select(`*, champions!inner ( id, name ), roles!inner ( id, role )`)
                .gte("currentrank", query.rank ? query.rank.id : 1)
                .eq("champions.id", query.champion.id)
                .eq("roles.id", query.role.id)
                ;
            cc = data;
        } catch (err) {
            console.log(err);
        }
    };

As you can see in the ".gte" line sometimes my values are equal to null and in that special case I can assign a default value. But with the two ".eq" lines I'd rather check for if query.role/query.champion are null and when they are just exclude the entire ".eq" statement. How can I do that?

Im creting a flow to reset password i have the guests pages** 'reset-password' **and 'update-password'. WHen user click to reset, em sending email to his. After user click im sending a url link like this

https://my project.supabase.co/auth/v1/verify?token=token&type=recovery&redirect_to=http://localhost:3000/update-password/email

but after user clicks in this link if you already have another tab of the application open, it is already logging in, even before I update the password.;

I'm just trying to get a simple authentication system(using svelte) going. I have been able to log users in when they are manually created in the Supabase users section, but I can't create new users without an expired cookie error. The thing is, the cookie is a response header, which should mean it's coming from the server. For the signup functions I just did what I did with the login functions just changed it to supabase.auth.signUp instead of .signInWithPassword. I'm new to this and I've been trying to figure this out for an hour and have no clue what's going on. I'm just trying to create a new user.

I haven't found it in the auth schema, and it is not stored in auth.jwt(). I could pass the provider_token as a parameter to my function from the frontend, but that would cause security risks in my case.

i'm looking for a way to store a file in a bucket and save the url in a table, cant find anything similar in the docs. something like that possible or do i have to always create signedUrl when i want to retrieve/render the img? Dont want to keep stuff public.

Hey.

js
  const mp3 = event.target.files[0]
  const { data, error } = await supabase
    .storage
    .from('audios')
    .upload('audio.mp3', mp3, {
       cacheControl: '3600',
       upsert: false
  })

I want to upload a file, but how do I generate the filename (here represented as "audio.mp3" to be a UUID or something auto generated?

We're struggling to get auth cookies to work for various subdomains in our Next.js app. we created this

getRootDomain

function to return the root domain from a URL, like

foo.bar.com

gives us

bar.com

. It's also localhost-friendly. In our app, we're using Supabase and trying to dynamically set the cookie domain using

getRootDomain

. Here's how we're doing it in our

_app.tsx

file:

tsx
const [supabase] = React.useState(() =>
  createBrowserSupabaseClient({
    cookieOptions: {
      domain:
        typeof window !== 'undefined'
          ? getRootDomain(window.location.href)
          : undefined,
      maxAge: 60 * 60 * 24 * 10, // 10 days
      path: '/',
      sameSite: 'Lax',
      secure: true,
    },
  })
);

For the server side, we're whipping up the Supabase client with `createServerSupabaseClientWithCookies`:

tsx
export const createServerSupabaseClientWithCookies = (
  ctx: GetServerSidePropsContext
) =>
  createServerSupabaseClient(ctx, {
    cookieOptions: {
      domain: getRootDomain(ctx.req.headers.host || ''),
      maxAge: 60 * 60 * 24 * 10, // 10 days
      path: '/',
      sameSite: 'Lax',
      secure: true,
    },
  });

We've got an auth middleware set up too, but despite all this, we can't seem to get the cookie to set right. And this isn't just a production problem - it's happening locally too. We've been through a bunch of GitHub discussions, like this one: https://github.com/orgs/supabase/discussions/5742 but no luck Any advice on this topic?

How can I change password for a non authenticated user??

Hey. I made this lil' function to upload a file:

js
import { supabase } from "./supabase";

export async function uploadFile(audioFile) {
    const { uploadData, uploadError } = await supabase
        .storage
        .from('audios')
        .upload('audio.mp3', audioFile, {
            cacheControl: '3600',
            upsert: false
        }
    )

    console.log({uploadData, uploadError})


    if (uploadError) {
        return uploadError.message;
    }

    
    const { publicUrl } = supabase
        .storage
        .from('audios')
        .getPublicUrl(uploadData.path)
    
    return publicUrl;
}

But when running it the console and returns only give a undefined. Why?

Following this guide for Auth in Next 13 App dir, https://supabase.com/docs/guides/auth/auth-helpers/nextjs The auth works when utilizing the hosted url/key; but when running

locally

i get an error of

{"code":400,"msg":"PKCE flow is not supported on signups with autoconfirm enabled"}

when signing up. Reading the docs, I'm unsure of what exactly the issue is :(.

Description: I have set up user metadata in Supabase with the following fields: firstName: string lastName: string searchName: firstName + lastName I would like to perform a text search using supabase.textSearch() on the searchName field, which is inside the meta_data of user records. Is it possible to use supabase.textSearch() on a nested field like user.meta_data.searchName? If so, what would be the appropriate way to structure the query? Thank you for your assistance!

Hello, we are using regular DB password auth at the moment and when a user logs in, no matter how active the are in their session, the user is eventually logged out X time after the login event. We are using

supabase.auth.signInWithPassword

to sign in, and the JWT for auth purposes, but how can I keep the user logged in until they are inactive X amount of time from their last request to the server?

I am working on an app for applying to jobs. I have 2 tables: an application table, and an accepted table. The important columns are a user_id and post_id in the accepted application table, and a user_id and post_id in the accepted table. I am trying to implement an RLS insert policy on the accepted table that checks that the user_id being inserted has applied to the post (i.e. there's a row in the app. table with the same user and post ids) My (invalid) check expression is looking like this: (user_id in (select applications.user_id from applications where (applications.post_id = accepted.post_id))) Logically, I am trying to find all the applications whose post_id matches the post_id being inserted. Then, i see if the user_id being inserted is among these application user_ids. The main issue I am trying to solve comes from the fact that when I am inside the subquery, I am having trouble comparing the application.post_id to the post_id being inserted into the accepted table. by writing 'accepted.post_id', i am given an error that the accepted table needs to be in my from clause, but if i were to do so the logic would be different than how I am intending. In short: what is the syntax I should use within the subquery to reference an attribute belonging to the row being inserted? Side note - I know that in this example I can find other logically sound ways to write this query (for instance, I am pretty sure this would work: (user_id, post_id) IN ( SELECT applications.user_id, applications.post_id FROM applications) ), however I am really interested in finding an answer to the question I posed rather than just a work around for this specific policy. This is a problem I have with other policies in my project, and if what I am asking is reasonable, it would help many of my other RLS policies in the project. I hope I am clear, please let me know if you have anything helpful or if you need clarifications. Thank you in advance

Is there a way to avoid user from updating value of a column. For example

created_at

. I want to avoid adding more logic to client, so I hope to avoid asking every client to not include

created_at

value when sending the payload.

I'm using Graphql and running into a sorting issue, where it's unclear how to structure the "orderBy" query variable when we need to sort on a relation. The JS client docs have it documented as

.order('keyName', { foreignTable: 'tableName', ascending: false })

but that doesn't appear to translate to graphql. The generated

...OrderBy

type seems to imply only origin table attributes can be used for the sort key. Anyone got it to work, have an example? 🙏

Instead of using the JavaScript SDK, as I am an embedded device and do not

Hello, I am just trying to insert data and I keep getting this error. I change the policy of the product table, so that If a person is authenticated they should be able to insert data, but have been stuck on this for a while. Any help would be greatly appreciated!