Hi all! We exceeded our database limit during a migration. We'd like to wipe the database, but are unable to because it is in read-only mode. Per the docs, we've run the following command

SET default_transaction_read_only = 'off';

but this doesn't work. It stays read-only

Hi, is there a way I can check if an user is using the application or not with supabase? Like change a boolean value in the table if there's no activity in the last 60 seconds

I've been struggling with this for several hours and can't find the error. I have a "org" table with a column "id" (uuid). I would like the user to have rights to read it if in raw_user_meta_data he has an entry "selectedOrgId" equal to the "id" of the organization.... I have created a function:

create or replace function auth.selectedOrgId() returns uuid as $$
DECLARE
  org_id uuid;
BEGIN
  RAISE LOG 'The full claims are: %', current_setting('request.jwt.claims', true);
  select (nullif(
    ((current_setting('request.jwt.claims')::jsonb ->> 'user_metadata')::jsonb ->> 'selectedOrgId'),    
    '')::uuid) into org_id;
  RETURN org_id;
END;
$$ language plpgsql;

And this is how the policy looks like:

CREATE POLICY "Access based on user selected org id" ON "public"."org" TO "authenticated" USING (auth.selectedorgid() = "id") WITH CHECK (auth.selectedorgid() = "id");

Any ideas?

I am trying to enable TOTP 2FA for a user. When I try to:

challengeAndVerify

valid TOTP code I get:

AuthException(message: An invalid response was received from the upstream server, statusCode: 502)

For an invalid TOTP I get:

AuthException(message: Invalid TOTP code entered, statusCode: 400)

I am using hosted Supabase, Is there anything I need to do / configure / enable for TOTP to work? This Flutter/Dart code demonstrates how I use it:

dart
 final res = await supabase.auth.mfa.enroll();
 final factorId = res.id;
 final qrCodeUri = res.totp.uri;
// render QR code and validate code
await supabase.auth.mfa.challengeAndVerify(factorId: factorId, code: totpCode);

Can someone help me with this error connecting to my supabase?

Hello, I am trying to update multiple rows for one of my tables, I noticed that even though I thought that I had successful update in my ui, my database wasn't updating. here is the code:

const saveChanges = async () => {
    if (!products) return;
    let successfulUpdates = 0;
    products.forEach(async (product, index) => {
      const { data, error } = await supabase
        .from('products')
        .update({ order_number: index + 1 })
        .eq('id', product.id);
      // .single();
      console.log({
        data,
        error
      });
      if (!error) {
        successfulUpdates++;
      } else {
        toast.error(error.message);
      }
      if (successfulUpdates === products.length) {
        toast.success('All updates have succeeded!');
      }
    });
  };

I had no idea what was wrong until I checked that I had products table on read only RLS access ❌ . I fixed this by adding

.single()

and now I receive error correctly, however I have 2 questions: 1. Why I wasn't getting any error message on my original code? 2. Is there any way to get more definitive error messages? At the moment I am receiving this:

{data: null, error: {…}}
data
: 
null
error
: 
code
: 
"PGRST116"
details
: 
"Results contain 0 rows, application/vnd.pgrst.object+json requires 1 row"
hint
: 
null
message
: 
"JSON object requested, multiple (or no) rows returned"

Why is there no hint on why this error was thrown?

Hello, So far I haven't had the need to use any realtime functionalities, but now I am wondering if I should use it for this. I want to let users to receive invoice notifications in their UI. Should I use realtime for something like this even though it's not frequent and they __might only receive 1 invoice notification per day__, or is it better to have some function running every minute or so that checks if there are any invoice notifications?

Hi I have an address lets assume "adaishsiahbda" in the db and its in the column aptos_id I want it to return me if that address exist in the db or not how can I do that ? supabase.from("Profile").select('aptos_id');

how to define the http_request.uri? i just have a trigger that triggers before delete. this triggers a function for deleting every entry related to data created by the user itself. now why and how to define that request uri? didnt find anything for that error in the internet

I created a function like this:

sql
CREATE FUNCTION function_name (params)
  RETURNS TABLE (
    "column1" "type",
    "column2" "type",
    )
  LANGUAGE "plpgsql"
  AS $$
BEGIN
  RETURN QUERY
  SELECT something here where something else
END;
$$;

Now when I do

js
const { data } = await supabase.rpc('function_name', params);

The type of

data

is

ts
data:{
 foo: bar;
}[][] | null

How can I make the return type to be just

ts
data:{
 foo: bar;
}[] | null

how to reset supabase db

Hi there, I'm working on adding an

approved

column for my

followers

table. The default value should be based on whether the user_id being followed is private or not. This is how I've structured my query so far.

ALTER TABLE followers
ADD COLUMN approved BOOLEAN NOT NULL DEFAULT (
CASE WHEN EXISTS (
    SELECT 1 FROM profiles WHERE id = followers.user_id AND private = false
  ) THEN true ELSE false END
);

But I get this error:

Failed to run sql query: cannot use subquery in DEFAULT expression

Hey there, when creating my RLS policies I'm not exactly sure when to set a role or not. For example, if I want only authenticated users to gain access, do I need to always specify authenticated? What if I'm using auth.uid() in the policy that would automatically fail in that case right? In the screenshot I provided, is the target roles: authenticated necessary?

Hi, wondering if someone could help me out please, although maybe I'm on the wrong track or overthinking it! I've decided to open up more functionality of my app to non-authenticated users, however I still need to keep track of their "likes" so they can read products they have liked in one of the tables. I can do this using an anonymous ID saved in local storage and a context provider when I send requests to supabase. However this doesn't work with row level security (Eg. I can't do auth.uid() = user_id, and local_storage = user_id doesn't work since its only available on the client). I was thinking of setting a cookie as soon as a non-authenticated user visits the site and using it as an anonymous ID. Then its sent with a request to supabase (e.g. to the "likes" table), but how can i access the cookie value in a row level security policy? e.g. so I can do cookie_value = user_id in the 'likes' table. It all works fine without row level security as the queries are set up fine: e.g. supabaseClient .from("likes") .select("*") .eq("user_id", auth ? user.id : anonymousID) but it doesn't feel very secure.

I am unable to think of a solution where I can send the same name as the image name as its troughing error , I did think to use random name generation however I dont see it being feasible . Can some one suggest me a way ?

I want to write some raw SQL instead of using the supabase client on the backend for a specific task, but would like RLS rules to apply, i.e., I want to execute some hardcoded raw SQL but in the same authentication/authorization as the js client. How do I do that?

query=`SET 'request.jwt.claims' TO '${token}';`;

or what?

Are there any limitations on the number of API requests a free project can have per hour or similar?

Hi guys, I am using supabase as a hosted db and using prisma to manage migrations and crud, I am wondering if I can take advantage if the built in real-time functionality to losten to real time events on the backend and handle it with my own websocket implementation, I have my reasons why but mostly because I don't want the client to talk to supabase (more control mostly) but I welcome any challenges to this approach

We have a 'lessons' table, nested relationally to a 'units' table, nested relationally to a 'courses' table. couses.id > units.course units.id > lessons.unit and courses.owner = auth.uid() Here is the RLS that worked for inserting new units. (auth.uid() IN ( SELECT courses.owner FROM courses WHERE (courses.id = units.course))) How do we get this working for new lessons that make sure it is the course author adding lessons?

I'm building an app, and I'm trying out Supabase for the first time. The user should receive a 6 digit code via email, which they enter in the app, and then they can choose their new password. Is this possible with Supabase?

Hey, We are trying to bulk upsert a bunch of data ( about ~100 items per upsert ) but getting the error: 'All object keys must match'.

js
const { data, error } = await supabase.from('events').upsert([
  ...events,
], { onConflict: 'event_id' })

I had found this github ticket talking about it https://github.com/supabase/postgrest-js/issues/173. So I know it's something to do with the items in the array not all having the same columns. But It seems as though I would have to know which column is missing and create a trigger for possibility? Is that correct?

Is it possible to bootstrap a new project with the cli? Here is what I am trying to achieve, I am building a saas and I want to have a separate database for each customer, I think it will be easier to scale since I will (probably) never have to scale to millions of rows I want to bootstrap a new project and get back a postgres connection url, I then want to create a migration using prisma, and add some real-time subscriptions to some tables, how much of this can I achieve with the cli? It's fine if I can't achieve everything because customers will have to go through a manual setup anyway but it would be cool if I don't have to do it manually

Has anyone ever run into this issue before? I opened a bug ticket here: https://github.com/supabase/auth-helpers/issues/466

I'm working on an affiliate system for my sveltekit site and I want to generate unique identifiers when a user is added to my table. But I don't just want a uuid, I want: exampleString-uuid so chad-1 chad-2 chad-3 and so on Can this be done via supabase uuid generation?

What are the general use cases for RLS? When should we use it and when should we not? e.g. Use RLS for "security" instead of checking the user/role via code

hey yall, ive checked out the tutorials, docs, youtube videos, and asked around but I haven't gotten a clear answer and also the old react app for locally authenticating is out of date. Was curious if there is a quick and simple way to authenticate myself when testing an edge function locally. My edge function is similar to this one: (https://github.com/supabase/supabase/tree/master/examples/edge-functions/supabase/functions/select-from-table-with-auth-rls). I have that one downloaded so I can serve it myself I just can't figure out how to hit the endpoint as an authenticated user. Thanks in advance.

Because i have a client that wants to use a id for login. They also have their own api to validation, so if there is a way to use that api as a provider it would be good too.

We are getting this error inside a trigger function setup below. The trigger runs on the 'events' table after an update or insert.

sql
CREATE OR REPLACE FUNCTION update_from_events()
RETURNS TRIGGER AS $$
DECLARE
    away_team_mascot text;
    home_team_mascot text;
    total_score float;
    bet_row bets%ROWTYPE;
    winning_team VARCHAR(5);
    winning_mascot VARCHAR(50);
    spread INTEGER;
BEGIN
    raise log 'After event update %', NEW.id;

    IF NEW.event_status = 'STATUS_FINAL' THEN
        raise log 'After event update status %', NEW.event_status;
        raise log 'After event BET_ROW BEFORE: %', NEW.id;
        -- Loop through all bets that reference this event 
        FOR bet_row IN SELECT * FROM bets WHERE event = NEW.id LOOP
             raise log 'After event update bet_row %', bet_row.id;

            -- Calculate total score
            total_score := (event.away_score + event.home_score)::float;
        END LOOP;
    END IF;
    
    RETURN NEW;
END;
$$ LANGUAGE plpgsql;

The table 'bets' has a foreign relation key to 'events' in the 'event' column of bets. Anyone know what my error is by chance?

I am just getting started with Supabase and I am currently connecting to it through FastAPI. I am trying to order by id's but I want them to be descending and this query does not seem to work: "supabase.table('artists').select('*').order('artist_id', ascending=False).limit(10).execute()". I get the error that ascending is an unexpected keyword. What is the correct syntax for this query in Python?

Hey all working on getting my app out into the world and wanna start using Vercel. My app however does not let me login in prod. I'm able to login just fine via localhost. It just flickers for a second shows the google symbol then redirects to localhost root url. The URL I get redirected to from my vercel app: http://localhost:3000/#access_token=..... Really appreciate any help!

import { useEffect } from 'react';

import { ArrowLeftIcon } from '@heroicons/react/outline';
import { useUser, useSupabaseClient } from '@supabase/auth-helpers-react';
import { Auth, ThemeSupa } from '@supabase/auth-ui-react';
import Image from 'next/image';
import Link from 'next/link';
import { useRouter } from 'next/router';

import config from '../config/index.json';
import { getURL } from '../utils/utils';

const Login = () => {
  const supabaseClient = useSupabaseClient();
  const { login } = config;
  const router = useRouter();
  const user = useUser();

  useEffect(() => {
    if (user) {
      router.replace('/create-character');
    }
  }, [router, user]);

  if (!user)
    return (
      <div className="flex min-h-screen bg-background">
        <div className="w-1/3 flex flex-col justify-between max-w-lg p-3 m-auto border-primary">
          <div className="flex flex-col space-y-4">
            <div className={'flex top-10'}>
              <ArrowLeftIcon className={'h-6 w-6 text-primary pr-2'} />
              <Link className={'text-button'} href="/">
                Back to Home Page
              </Link>
            </div>
            <p className={'text-white'}>{login.description}</p>
            <Auth
              supabaseClient={supabaseClient}
              providers={['google', 'facebook']}
              redirectTo={getURL()}
......
}