this method filters for owner (uuid column in supabase) equals user_id (argument passed in) OR members (uuid[] array column in supabase) contains user_id (arg)...but i think im messing up the syntax. im not experienced in the

raw PostgREST syntax

the docs mention for .or() method getting a

22P02

error with message

"invalid input syntax for type uuid: \"($user_id\""

js
const fetchEvents = async (user_id) => {
        // filter for owner = user_id OR members (array column) contains user_id
        const { data, error } = await supabase
            .from('events')
            .select()
            .or('owner.eq.($user_id),members.cs.({$user_id})')

        if (error) {
            console.log('error: ', error);
        }
        else {
            console.log('{data}: ', data);
        }
    }

On hosted supabase, it appears new project creation is down. Just me? Nothing special, just new project -> enter password -> create. Stuck for > 20 minutes now.

I'm using Supabase as follows: I have an express backend server which queries the database. It is the only place where I call the DB. I'm wondering if it would be more memory/CPU efficient to have a direct connection.

Hello, I am a having some difficulty selecting data from another table using a uuid as the foreign key Example source Posts

id(uuid) |  title | content | owner

Users

id(uuid) | name | email

where owner in Posts uses the id in Users Running this query,

.from('posts')
.select(`id, owner(email)`)

Returns this result

{ id: '1d289ad3-271b-4558-8b43-2db6365gabe3', owner: null }

Am I missing something? Thanks!

I'm trying to create a profile table that adds some personal user info to the auth.users table and trying to enforce integrity of the email column. There is a partial unique index on the auth.users.email column and despite my efforts I can't seem to create a FK. I'm getting this error: "there is no unique constraint matching given keys for referenced table "users"" See below:

CREATE TABLE public.profile
(
    user_id uuid NOT NULL,
    email text NOT NULL,
    "firstName" text,
    "lastName" text,
    is_sso_user boolean NOT NULL generated always as (false) stored
);

ALTER TABLE ONLY public.profile
    ADD CONSTRAINT profile_pkey PRIMARY KEY (user_id);

ALTER TABLE ONLY public.profile
    ADD CONSTRAINT profile_unique_email UNIQUE (email, is_sso_user);

ALTER TABLE ONLY public.profile
    ADD CONSTRAINT profile_fkey_user_id FOREIGN KEY (user_id) REFERENCES auth.users(id);

-- why is this not working?
ALTER TABLE ONLY public.profile
    ADD CONSTRAINT profile_fkey_email FOREIGN KEY (email, is_sso_user) REFERENCES auth.users(email, is_sso_user);

Is it possible to allow authenticated user to update only specific columns in a table using RLS policy?

Good morning, We have a huge problem and all our clients when they register in https://kabila.app , they emails are arriving to SPAM folder. We have contacted Google since is our provider and they told us they need the SPF from Supabase to allow that IP. Could you guys let me know which is? Thanks

Unfortunately the default emails Supabase sends make their way into people's spam folder. Is this a known issue?

I see we can make migration scripts to edit our local version, but is there a way to pull the database schematics to our local version. I'm not sure if it would even let me sync. I want to do the opposite of this, so I can do this. Unfortunately my original setup did not use a local version, but now I want to add it. J

Could anyone help me on this one, TLDR is in the title. Link to stackoverflow: https://stackoverflow.com/questions/75135327/supabase-ssr-getsession-always-returns-null

Hi, im trying out nuxt, and im following this tutorial https://supabase.com/docs/guides/getting-started/tutorials/with-nuxt-3. When i add in the module though, everything breaks and i get a 500 error when trying to view my site with npm run dev. Is this something to do with an incompatibily the Supabase module and Nuxt?

500
Invalid URL

at URL.onParseError (node:internal/url:565:9)
at new URL (node:internal/url:645:5)
at new SupabaseClient (C:\Users\User\Documents\Playground\Nuxt\supabase-nuxt-demo\node_modules\@supabase\supabase-js\dist\module\SupabaseClient.js:77:41)
at Module.createClient (C:\Users\User\Documents\Playground\Nuxt\supabase-nuxt-demo\node_modules\@supabase\supabase-js\dist\module\index.js:20:12)
at Module.useSupabaseAuthClient (C:\Users\User\Documents\Playground\Nuxt\supabase-nuxt-demo\node_modules\@nuxtjs\supabase\dist\runtime\composables\useSupabaseAuthClient.mjs:16:57)
at C:\Users\User\Documents\Playground\Nuxt\supabase-nuxt-demo\node_modules\@nuxtjs\supabase\dist\runtime\plugins\supabase.server.mjs:14:44
at fn (C:\Users\User\Documents\Playground\Nuxt\supabase-nuxt-demo\node_modules\nuxt\dist\app\nuxt.mjs:151:27)
at Object.callAsync (/C:/Users/User/Documents/Playground/Nuxt/supabase-nuxt-demo/node_modules/unctx/dist/index.mjs:49:19)
at callWithNuxt (C:\Users\User\Documents\Playground\Nuxt\supabase-nuxt-demo\node_modules\nuxt\dist\app\nuxt.mjs:153:23)

I'm running some code on Codesandbox and it throws multiple CORS errors

from origin 'https://zb3yqn.csb.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Request URL: https://gwcjylrsyylsuacdrnov.supabase.co/realtime/v1/websocket?apikey=xxxx&eventsPerSecond=10&vsn=1.0.0
Request Method: GET
Status Code: 500

URL and API key are correct because the database does get updated with values.

Hi, is there a way to give a team member of my organisation only access to one project? I did not find an option for this problem in the organisation tap. The only thing I could think of was to locally host supabase on each of my teammebers machine while developing and publishing it with an ci/cd flow but i am not sure if that works without general access to the organisation.

Hi I've created an RPC that should return the count of a table where store_id is equal passed to the one in the params.

CREATE OR REPLACE FUNCTION get_length(store_id integer)
  RETURNS integer as $func$
SELECT COUNT(*)
      FROM product_table where product_table.store_id = store_id and product_table.published = true
$func$
language sql;

It return success. And I call it like so

export const getProductsLength = async (store_id: number) => {
  let { data, error } = await supabase.rpc("get_length", {
    store_id: store_id
  })
  if (error) throw error
  return data
}

I've made sure that it get's a id passed in. 167 in my case. and that should return 39. But it does return undefined. Any ideas?

Hello Community, i created a edge function for calc the median of a number list and try to call from mi Postman, i live in Cuba and get a error with the request, but if a use a VPN then thy function response success. So can you have any restrictions for used the edge functions from this country😩

Hi, in the Project Settings page at https://app.supabase.com/project/[projectid]/settings/general, the teaser "Custom domains are a Pro plan add-on" leads to a plan selection page through the "Modify subscription" button. On that subsequent page, custom domains are never mentioned which is quite unintuitive. I am aware that there is a "See detailed comparisons across plans" link at the bottom, but that's tiny. Listing the custom domains feature directly is an easy way to avoid some confusion.

Hello team, I'm just curious if I can change old migration files to do things such as add additional columns to a table definition. When I run

supabase db push

Will the changes be captured on the remote db? Or will only NEW migration files be applied, thus old migration files ignored?

Hello, I just noticed that a project of ours has an initial migration file which appears to be generated from running:

supabase db remote commit

when we first started the project. I believe we wanted to make sure any default settings were captured in our migration files, but are not sure if this was a good idea. The file contains a bunch of SQL code such as:

--
-- PostgreSQL database dump
--

-- Dumped from database version 14.1
-- Dumped by pg_dump version 14.5 (Debian 14.5-2.pgdg110+2)

SET statement_timeout = 0;
SET lock_timeout = 0;
SET idle_in_transaction_session_timeout = 0;
SET client_encoding = 'UTF8';
SET standard_conforming_strings = on;
SELECT pg_catalog.set_config('search_path', '', false);
SET check_function_bodies = false;
SET xmloption = content;
SET client_min_messages = warning;
SET row_security = off;

--
-- Name: pgsodium; Type: EXTENSION; Schema: -; Owner: -
--

CREATE EXTENSION IF NOT EXISTS "pgsodium" WITH SCHEMA "pgsodium";


--
-- Name: pg_graphql; Type: EXTENSION; Schema: -; Owner: -
--

CREATE EXTENSION IF NOT EXISTS "pg_graphql" WITH SCHEMA "graphql";


--
-- Name: pg_stat_statements; Type: EXTENSION; Schema: -; Owner: -
--

CREATE EXTENSION IF NOT EXISTS "pg_stat_statements" WITH SCHEMA "extensions";


--
-- Name: pgcrypto; Type: EXTENSION; Schema: -; Owner: -
--

CREATE EXTENSION IF NOT EXISTS "pgcrypto" WITH SCHEMA "extensions";

There's much more included... that's just a snippet. Thanks!

I tried signing up an existing user, and I actually get back data from that user instead of an error saying the action can't go through. Is there a way to detect this, or is it common practice to not pay this edge case much attention?

Hi guys, I'm building an app using Supabase's authentication and database APIs. The app can only be access if you are a valid user & shows one table with data on each page. I'm hosted with Netlify, and have my region for Supabase set to 'eu-west-2' (London), which is close to where I'm located. Does anyone know why my server response time is so high? Thanks!

So currently I test my App that used Supabase, especially the auth. Since it stores the auth data to a certain local storage, how to remove it after the test ends so I can test again without getting logged in at the initial test?

As the title says. I am trying and failing to find the output of a

raise log

called in a function. Am I missing something simple? Everything in the docs point to a UI that doesn't exist(https://supabase.com/docs/guides/platform/logs). I have also gone through the ui and clicked into the

logs

menu and have spent a lot of time going through the results but never seem to find anything I output from a function. I know the function is being called since most of the actions in it go through but I can't find any info from using either

raise notice

or

raise log

. The real problem is using the function as a trigger to insert data into a table but it fails constantly with a

relation does not exist

but the table I made has no relations to another table and it definitely exists since I can insert data into it, just not from a trigger function so I want to log out the data I am using to make sure it's not broken somehow. Please help. I literally have no more manual to read and am officially lost.

Hi, im simply trying to sign out of a session on Nuxt using supabase auth. I can't get it to work, it does nothing when i run supabase.auth.signout(). I logged user.value and it returns my info when im signed in, so i know theres a session. I attach a snippet below, and info would help!

Hello, I'm experiencing a weird issue. Anytime a user tries to create an account through the magic link flow (otp + /verify), it fails the first time (server returns 401 with

Token has expired or is invalid

and then if I refresh again and try again, it works. Is there any way to make it work the first time around? Attached what the network tab looks like when the account doesnt exist vs when it does exist

When running the Supbase CLI command

supabase link -p <password> --project-ref <project-ref>

the command will freeze for a long while and then eventually come back with

Error: Get "https://api.supabase.io/v1/projects/<project-ref>/postgrest": context canceled

I've been connecting directly to my hosted supabase project and am wanting to move my development to my local machine. So I'm trying to link the project so that I can grab the database schema using

supabase db remote commit

. Anyone have any advice? Maybe I can just update the local

supabase/config.toml

file with my project ref? I don't see an obvious place to enter it in. Thanks!

When I try to oauth using facebook when prior I have the same email of a user that was invited by email. Any idea?

In this simplified example

Users

have an

id

,

eth_address

while

Assets

have

id

,

owner

,

owner_id

. When adding a new asset I will know the

owner

(which matches to

eth_address

in the Users table) but not the

owner_id

. Is there anyway to lookup the User whose

eth_address

matches the

owner

then link their

id

to the

owner_id

? Or should I just be making the

owner

column reference

eth_address

directly and get rid of the

owner_id

altogether?

sql
-- USERS
CREATE TABLE if not exists public.users (
    id   uuid DEFAULT uuid_generate_v4() PRIMARY KEY,
    eth_address   character varying NOT NULL,
    created_at   timestamp with time zone DEFAULT timezone('utc'::text, now()) NOT NULL
);
comment on table public.users is 'All active users';

sql
-- ASSETS
CREATE TABLE if not exists public.assets (
    id   bigint generated always as identity PRIMARY KEY,
    owner_id   uuid references public.users NOT NULL,
    owner   character varying NOT NULL,
    created_at   timestamp with time zone DEFAULT timezone('utc'::text, now()) NOT NULL
);

Hi there, I am working right now on the application, where I want to leverage all cool features from Supabase AUTH, however, I can't seem to find any relevant examples for my use-case. My use-case: - I want to have a NextJS/react app, where I will allow users to register/login through Supabase. - I have a Django/server side app, where I want to manage all my custom logic. With that being said, I need to write a custom auth logic for this, that would do next: - Validate the JWT sent by client(frontend app) - Once I validated the JWT – get an email out of it - Validate that email is in the Supabase database. - Then do my custom logic knowing, which user is this and mark them as authenticated. That being said, I am wondering about 2 things: 1. Is my algorithm correct? I've read all auth docs, but there are only client examples, and no examples on doing so within serverside 2.1 How do I validate the JWT? I see that I have a secret for decyphering it, but are there any common libraries that I can use in python for doing so? Any code samples to point to? 2.2 How do I validate email after getting it from JWT? Do I need to create a separate client(with special rights) and then use it to get such a user? Any code samples to point to? Separately, I see next code: https://github.com/supabase-community/gotrue-py/blob/dff74c6abc9da6939dc7c384e5ec4e2ea270e13a/gotrue/_sync/api.py#L477 based on it, I believe, maybe I don't need to actually validate JWT myself, and I can just send the JWT that I am getting from the client to this method. And that would go to the supabase API and validate it.

Hello, I found an issue in the Ruby script that is used to generate the token for Apple oAuth Signin. Instead of: private_key = OpenSSL::PKey::EC.new IO.read key_file It works instead with: private_key = OpenSSL::PKey::EC.new File.read key_file There are also missing steps for the process inside the Apple Developer Portal. And for general beginners, the script part does not specify how to correctly add the path. It completely omits this in the documentation.

I'm kind of new to this database thing so I'm wondering if the database vulnerabilities are handled by Supabase? All the user needs to do is handle who can do what to do their database? Is this how far we've come in tech development where we don't have to worry about handling the securities besides the URL and other keys like anon public? How do you actually backup the data and check the intregrity if it gets so big? Is there a way to check an audit log with categories of what changes happened and where? What if someone changes stuff (unauthorized) and no one knows what has been changed is what I mean. I'm not trying to get ultra deep with a full mastery of Supabase as I just want to have a database that I can use for API and stuff.