Is it okay to expose both the anon_key and auth_url on the frontend client?

I'm trying to let a user update their email address while being signed in. Using the email link works for confirmation, but using

verifyOtp

with the emailed token doesn't. Am I using the correct method for token verification?

client.auth
  .verifyOtp({
    email: new_email,
    token,
    type: "email_change"
  })

request payload:

{"email": <new_email>,"token":<token>,"type":"email_change","gotrue_meta_security":{}}

response payload:

{
  "code": 404,
  "msg": "User not found"
}

i created a profiles table following this guide: https://supabase.com/docs/guides/getting-started/tutorials/with-sveltekit but added 'username' and 'role' only to the profiles table. username default is the email the user used to register and role default is the string 'user' all works ok, i register users and login and logout, the issue is that signInWithPassword is returning old data when login in

const { data, error: err } = await locals.sb.auth.signInWithPassword({
            email: body.email,
            password: body.password
        })

        if (err) {
            if (err instanceof AuthApiError && err.status === 400) {
                return fail(400, {
                    error: "Invalid credentials",
                })
            }
            return fail(500, {
                message: "Server error. Try again later.",
            })
        }
        console.log(data);

the login is succesful but when logging the data data.session.user.user_metadata and data.user.user_metadata returns this for the 2 users i have (the original data when user was created):

user_metadata: { role: 'user', username: 'emailone@gmail.com' },
user_metadata: { role: 'user', username: 'emailtwo@gmail.com' },

and it should return this (the data in the database, see img attached):

user_metadata: { role: 'admin', username: 'pathone' },
user_metadata: { role: 'user', username: 'pathtwo' },

is signInWithPassword the correct way to get user metadata from the profiles table or how can i get the correct, current data from the profiles table when a user logs in?

@Aqxy hey! I was hoping you could let me know when my shipment would arrive. We were talking on email but I like contacting on discord more easier

I've accidentally deleted the SQL that generated one of my views. Is there any way to see this code again, since the view still exists?

supabase.table("tablename").delete().match({"uid": uid}).execute()

This doesn't error, but it doesn't actually delete the row either. Any hints?

I'd like to diagnose an issue I'm running into. The aforementioned issue During local development, my

import_map.json

isn't being applied when executing

supabase functions serve

(all) but it is working if I serve just one function directly i.e. using the

deno-relay

container. I can see it's mounted into the

edge-runtime

container as I'd expect, but when the function runs it crashes due to import paths being incorrect. In order to diagnose I presumably need to need to know what the

edge-runtime

binary in that container is doing 😅

Lets say a user calls the supabase.auth.signOut() fn from the client directly. If the server itself tries to make a call after, would it still be considered signed in/able to retrieve data? Perhaps I'm not looking at this correctly. Specifically using NextJS in case that matters.

I have a lot of images that I want to upload to Supabase. but I need to have a clear way to retrieve these files in my application. The methods I can think of are 1. Is there a way to have a trigger that automatically creates the URL row of the upload with some meta fields in my table. 2. Or I could specify the folder when I upload the images. Then I just need to get all the images based on the name of the folder. When I look at the API documentation. It looks like it can only retrieve all files from the bucket, not the folder? 3. Upload images to different buckets. In this case I need to create a lot of buckets and I don't think this is a good way to do it? Thanks for help

Does Supabase capable to build a flutter windows application (offline & online) ? but my app contains too relational data, it's like POS system

Hi folks, just curious if supabase’s Postgres instance support the NOTIFY and LISTEN command? We want to use a Postgres adapter (https://socket.io/docs/v4/postgres-adapter/), but are curious if it’s possible using supabase.

I'm using the Auth UI component in NextJS and I create the component but it looks strange.

I noticed the getting started instructions for SvelteKit [1] have been simplified and no longer reference the auth helper. Has the team integrated this work with the core library? [1] https://supabase.com/docs/guides/getting-started/quickstarts/sveltekit

Supabase Python Community package client library doesn't work for our project. Are there some examples of using supabase auth and database REST API endpoints with Python using a generic package like Requests? Examples of a few operations and if they are feasible using the REST APIs? - check using email id, if a user exists - add a new user - CRUD operations on tables thanks

I am using the latest JS SDK Problem: I want to subscribe to changes of a database table when a row is added, deleted or updated which is in relation to the user. Row name -> Games A game have two players. Right now that is done with an array data type which consist of two ids. Have considered making a second table which is called game_players. All I find are some old code snippets for v1, which is not usable. i.e.

js
    supabase.from('games').on('*', (payload) => console.log(payload))

Does anyone have a good idea?

Is there a way to configure Supabase to always return Bigint values as string to the client? I use bigint ids that are not sequential (see https://instagram-engineering.com/sharding-ids-at-instagram-1cf5a71e5a5c) and almost always they exceed JavaScript's number precision, causing the app to break because IDs become inaccurate. The only way to work around this that I know is doing my queries as `select("id::text, ..."), but this both breaks TypeScript type generation and is error prone. How can I make sure the API always processes these values as strings? I remember something like this was already done for Supabase's own admin dashboard. Type generation issue: https://github.com/supabase/postgrest-js/issues/370)

How can I pass an ID in vue component as the used docs is using script setup tag in vite which differs from the normal script tag in vue 3 Composition api

I want to search inside a JSONB column for values that match emails with a specific domain. Lets say I have first.last@example.com. I need my query to find that database row because it matches the example.com inside the email. I know this can be done using regex, but I am not sure if or how to use regex inside Supabase. Here is my code to match inside a JSONB object without regex.

let { data, error } = await supabase.from('sites')
                .select('*') 
                .not('lastupdated', 'is', null)
                .contains('sitedata->plugins', JSON.stringify([{'email': var}]));

Everything was working fine till a day before but all of a sudden this problem starts, I am sending username and password in JSON as below: { "email": "username@testmail.com", "password": "password" } response as below: { "code": 500, "msg": "Database error saving new user", "error_id": "79b788b2937d2d1e-IAD" }

Hello ! I am trying to make an app that involves users upvoting content (in this case, giving a ⭐) Unfortunately, after searching on Google, I could not find results that fixed this flaw. Currently my RLS policy allows for registered to vote (inserting a new row in the votes table) but I have no idea how to check if the user has already voted for that content (meaning to cross-check if the userID (stored in a column) has already voted for that content (an ID stored in another column). How do I implement such a policy ? Thank you for reading and have a nice day 🙂

PS: or with 'sign_in_with_apple' and 'google_sign_in' packages

I am currently reading into Postgres configuration for full-text search, and it seems, some of it needs ability to place files into

$SHAREDIR/tsearch_data

. Is it possible to upload files there for hosted supabase? Can it be done via the SQL editor? Or the CLI? See https://www.postgresql.org/docs/current/textsearch-dictionaries.html.

I'm trying to use the provider_token (or provider_refresh_token) that supabase is returning me in the session. I'm using the sveltekit helper. After I login and move around in the application for a while it works fine. I check for the provider token and if present I go ahead and make the calls to the google photos api I want to with that token. After either a period of time or my local server going to sleep and coming back I completely lose the provider token. Is this because it is being stored on the server in a session somehow? I can't find a cookie that looks like it is saved anywhere on the local client to try and grab either? Is there a way to just force a refresh with a valid supabase token to then return a new provider token without logging in again? Just trying to get this right. I also want to run my sveltekit app on Vercel or some other serverless platform so the server itself will be stateless.

Hi Team, New to TypeScript/JS land. I noticed that node promoters "error first" callbacks. It seems like all Supabase funcs are "data first" with the error second. Can someone fill me in on the philosophy here?

Hello, is it possible to use supabase client to insert data from a client-side page?

Is there a way to use custom provider to sign user into Supabase? I'd like to use TikTok for example, which is not available on the list of providers supported by Supabase.

There is some way to change the name of the supabase cookie in the web? By default it is called supabase-auth-token, we can change it?

Hey all, currently experiencing issues with getting the session from

auth.getSession

in a nextjs app. I've raised an issue here 👉🏾 https://github.com/supabase/supabase/issues/12522 Any help or feedback would be greatly appreciated!

My sveltekit project keeps getting a console error of "Uncaught Error: supabaseUrl is required." when attempting npm run preview. I'm not sure what is causing this. My .env file is set up according to the SveltKit auth helpers guide in the docs. Ive also attached my createClient code as well. npm run dev works fine. Has anyone else run into this issue

Hello everyone, thank you for providing such a great platform. I have some questions regarding building a production-grade application with real-time chatting and communication using Supabase. I have reviewed some examples on the Supabase website and community repository, and while they are a good starting point, I have concerns about the performance of the message table in a production environment. As the table grows with usage, it may require indexing or partitioning or sharding to maintain performance. As Supabase is a managed solution, I am wondering if this is something I need to worry about, and what the recommended approach is for handling such situations. Currently, we are considering communicating with the Supabase server directly through the Flutter SDK and not using a middle layer such as an API or caching server. Do we need to consider this in our approach, and if so, what technical details should we keep in mind? Thank you for any technical insights you can provide.