Supabase #help-and-questions

verifying auth id token in backend

louis030195

03/09/2023, 1:42 PM

hey i'm verifying firebase auth like this:

Copy code

py
from typing import Tuple
import warnings
from fastapi import FastAPI, Request
from fastapi.responses import JSONResponse


def enable_firebase_auth(app: FastAPI):
    from firebase_admin import auth

    @app.middleware("http")
    async def firebase_auth(request: Request, call_next) -> Tuple[str, str]:
        # extract token from header
        for name, value in request.headers.items():  # type: bytes, bytes
            print(name, value)
            if name == "authorization":
                authorization = value
                break
        else:
            authorization = None

        if not authorization:
            return JSONResponse(
                status_code=401, content={"error": "missing authorization header"}
            )

        s = authorization.split(" ")

        if len(s) != 2:
            return JSONResponse(
                status_code=401, content={"error": "invalid authorization header"}
            )

        token_type, token = s
        assert (
            token_type == "Bearer"
        ), "Authorization header must be `Bearer` type. Like: `Bearer LONG_JWT`"

        try:
            token = token.strip()
            decoded_token = auth.verify_id_token(token)
            # add uid to scope
            request.scope["uid"] = decoded_token["uid"]
        except Exception as err:
            warnings.warning(f"Error verifying token: {err}")
            return JSONResponse(status_code=401, content={"error": "invalid token"})

        response = await call_next(request)
        return response

Whats the equivalent of

auth.verify_id_token

in supabase?

Server Side Rendered Authentication - AuthApiError: Invalid Refresh Token

DwieDave

03/09/2023, 2:02 PM

Hello, I am using the framework Fresh and I am trying to refresh a session (email/password) on the server side. I am passing the access_ and refresh_token as cookies between server and client. Signing in on Server-Side works and using

setSession({access_token, refresh_token})

works in regard of setting the Session for requests authenticated as the logged in user. But reading the docs

setSession()

should also refresh a Session if it is expired. But each time the JWT is expired and

setSession()

is called with both tokens it returns the following error:

AuthApiError: Invalid Refresh Token

. I did not call

refreshSession()

or any other method using the refresh_token besides the

setSession()

method. I really don't have a clue if that is normal behavior. Is the
setSession()
function call with valid JWT invalidating the refresh_token?

Do we have an updated version of the next.js supabase auth template?

Zenon

03/09/2023, 2:10 PM

The one in their GitHub Repository examples that doesn't use server components is from Nov. 2022

Debugging a delete which does not delete but returns 204

Ruben

03/09/2023, 2:24 PM

Using the very simple const { error } = await supabase .from('projects') .delete() .eq('shortname', in_placeholder) With very simple Delete access control while true. Getting a 204 when I call the delete api (via curl or via JS). But the row is not deleted. There are not foreign key dependencies on this row to cascade. Any suggestions on next steps for debugging this ?

How do I allow someone to have access on one of my projects dashboard?

Lukas V

03/09/2023, 2:33 PM

Hello, I have 2 projects running on supabase I just wanted to give someone access to one project, how do I do that?

Accessing relationships with GraphQL

Monimolimnion

03/09/2023, 2:37 PM

I have a table of courses, and a table of categories. Each course may belong to many categories. So I also have a table

category_course

which consists of foreign keys linked to the category ids and course ids. So course 1 may be in category 1, course 2 in category 1, etc etc. I want to retrieve all the Courses that belong to a given Category. I have the following query:

Copy code

query Category($slug: String) {
    categoriesCollection(filter: { slug: { eq: $slug } }) {
        edges {
            node {
                id
                name
        category_courseCollection{
          edges{
            node {
              courses {
                name
              }
            }
          }
        }
            }
        }
    }
}

But this returns

Copy code

{
  "data": {
    "categoriesCollection": {
      "edges": [
        {
          "node": {
            "id": "2",
            "name": "Category Two",
            "category_courseCollection": {
              "edges": []
            }
          }
        }
      ]
    }
  }
}

What am I doing wrong?

hot reload supabase edge function\deno in local dev

03/09/2023, 3:11 PM

Does anyone know how to auto reload\hot reload whenever the index.ts file changes? To save manually reload. Thx

Can't get 1 to many relationships

CharlesCharlieCharles

03/09/2023, 5:05 PM

I'm totally new to supabase. I'm using nuxt 3 and the nuxt supabase plugin and can't seem to fetch the relationships using the following code. *Note that I can get both sets of data individually. `let { data, error } = await client.from('printingconfig').select('*, price(*)') The code returns the printingconfig data and an empty array for the price relationship. As far as I can tell i have set the relationships set up correctly and the little square arrow button on the price table brings up the correct printingconfig record. the price table structure is as follows: id - primary key, int8 price - numeric printingconfig_id - int8, foreign key added which references printingconfig table and the id column the printingconfig table is as follows id - primary key, int 8 ....plus lots of other fields any help appreciated

Session Length on app.supabase.com Seems Short

clifton

03/09/2023, 5:09 PM

I am using GitHub auth on

app.supabase.com

, and it seems like my session expires like every few hours and I have to re-authenticate. When I first started using hosted Supabase a couple months ago, it seems like a session would last a couple days. Has anyone else noticed this? Or is it something wrong with my account?

Magic links are failing inexplicably for certain users

joshuabaker

03/09/2023, 5:13 PM

We’ve tried debugging but, despite using different emails (work, personal, Gmail, 365), different email clients, and different devices (desktop, iPad, iPhone), for certain users their magic links are always expired.

Module '"@supabase/auth-ui-react"' has no exported member 'ThemeSupa'.

paulgo

03/09/2023, 6:04 PM

Hi I am having a hard time finding resources on this, for some reason

ThemeSupa

isn't a member of

auth-ui-react

Copy code

tsx
import { useUser, useSupabaseClient } from "@supabase/auth-helpers-react"; 
import { useRouter } from "next/router";
import { Auth, ThemeSupa } from '@supabase/auth-ui-react'<--- [PROBLEM]
import Link from "next/link";
export default function Login() {
    //Supabase Database Handler
    const supabaseClient = useSupabaseClient();
    //User State from Supabase
    const user = useUser();
    //Next Router
    const router = useRouter();
    return (
        
      <>
      
      </>
    )
  }

Facebook Auth Provider not Returning Email

th_m

03/09/2023, 6:09 PM

Copy code

const value: SignInWithOAuthCredentials = {
      provider:'facebook',
      options: {
        scopes:"public_profile, email",
      },
    };

supabaseClient?.auth.signInWithOAuth(value);

getting this error back in the URL

Copy code

?error=server_error&error_description=Error+getting+user+email+from+external+provider#_=_?error=server_error&error_description=Error+getting+user+email+from+external+provider

Has anyone run into this? I have two test accounts i have been using. One is the account that owns the developer account, that one logs in no problem. The other is a typical user account and attempting to log in with that one returns the error. I think it is a bug with the supabase auth sdk.

Copy code

https://www.facebook.com/dialog/oauth?client_id=...&redirect_to=...&redirect_uri=...&response_type=code&scope=email+public_profile++email&state=...

It looks like email is already injected in there for us. but still not being added to the facebook dialog s

Any downside: to creating a bucket for each user?

insanelyok

03/09/2023, 6:58 PM

I am building a social-ish network type app and I'm creating a bucket for each user and storing all of their media in their bucket to make maintenance easier. Are there any downside from a supabase standpoint to doing this?

Connection Issues with supabase-js

ffkml

03/09/2023, 7:01 PM

I'm on a self-hosted docker instance, and I'm seeing intermittent connection issues when using supabase-js. Seems to be that postgrest has difficulty consistently connecting to the postgres container. I'm using postgrest/postgrest:v10.1.2 and supabase/postgres:14.1.0.106. Any thoughts on what might be going on?

Does Supabase context lost on a webhook?

jumeh

03/09/2023, 7:12 PM

Hi, I 've recently implemented a webhook on insert in one of my table (mockup). When triggered, I call one of my API route, and try to access the supabase session (to get the user email which sits in the profiles table): const supabase = createServerSupabaseClient({ req, res }) const { data: { session }, } = await supabase.auth.getSession() Session end up being null. What would be the proper way to do it, still kinda new with webhooks? Thanks

How to use verifyOtp() correctly? Getting a "Token is expired or invalid" error.

gtims123

03/09/2023, 7:25 PM

Currently I am calling: const {user, error} = await supabase.auth.signInWithOtp({ email: email, }); I have my magic link email template set up in supabase settings to give me a 6 digit code in the email. When I call verifyOtp I do this: let {error} = await supabase.auth.verifyOtp({ email: formattedEmail, token: code, type: 'magiclink', }); I am getting a "Token is expired or invalid" error. Does anyone have any advice on how to use verifyOtp correctly?

Failed to load module script: Expected a JavaScript module script but the server responded with a MI

Arsi

03/09/2023, 7:36 PM

how can I fix this

Edge functions using sharp...

insanelyok

03/09/2023, 7:55 PM

I tried using sharp to build my own image resizing to create thumbnails of my images and I'm getting and error saying that sharp-linux-x64.node is not supported. Are you not using linux-x64 for your edge servers or are you trying to stop the use of sharp for image resizing so that people use the built-in method?

channels

Mindrest

03/09/2023, 8:06 PM

Hey guys, I'm having legit a headache because I'm trying to... -> create a channel and have it listen to new connections (works) -> when I want to leave the channel, I want to unsubscribe from it so I'm setting the variable to null (doesn't work) I have tried ...

myChannel.unsubscribe()

supabase.client.removeChannel(myChannel)

myChannel = null

None of them work. I still have an instance of this channel. Any ideas of what am I doing wrong? Here's the code snippet:

Copy code

@override
  void initState() {
    _lobbyChannel = ref.read(chatRepositoryProvider).createChannel();
    _lobbyChannel?.on(
      RealtimeListenTypes.presence,
      ChannelFilter(event: 'sync'),
      (payload, [ref]) {
        final presenceState = _lobbyChannel?.presenceState();
        setState(() {
          _usersOnline = presenceState?.values.length ?? 0;
        });
        debugPrint(
          'On Sync: $_usersOnline - ${presenceState.toString()}',
        );
      },
    ).on(
      RealtimeListenTypes.presence,
      ChannelFilter(event: 'leave'),
      (payload, [ref]) {
        final presenceState = _lobbyChannel?.presenceState();
        setState(() {
          _usersOnline = presenceState?.values.length ?? 0;
        });
        debugPrint(
          'On Leave: $_usersOnline - ${presenceState.toString()}',
        );
      },
    );
    super.initState();
  }

  @override
  void dispose() {
    if (_lobbyChannel != null) {
      ref.read(chatRepositoryProvider).removeChannel(_lobbyChannel!);
    }
    super.dispose();
  }

  void joinSearch(String id) {
    setState(() {
      _isSearching = true;
    });

    _lobbyChannel?.subscribe(
      (status, [ref]) async {
        if (status == 'SUBSCRIBED') {
          await _lobbyChannel?.track({'profile_id': id});
        }
      },
    );
  }

  void stopSearch() {
    setState(() {
      _isSearching = false;
      _lobbyChannel = null;
    });
  }

Cannot retrieve a user with Supabase Auth

misakss

03/09/2023, 8:15 PM

The same code I ran two days ago and worked has now stopped working and I have no idea why. I have built and app using NextJS appDir v13.2. I have set up Supabase authentication which works great - I used the following guide to set it up: https://github.com/mryechkin/nextjs-supabase-auth/tree/main Now I need to include the user id in an API endpoint. This worked two days ago, but now it only returns null, and I have no idea why. When I check my Supabase dashboard I receive 401 on the get user request. This is strange since I'm logged in to the app while doing this and can see the cookie in the browser inspector. I'm stuck and I'd appreciate any guidance or help.

Where can i read more about realtime filters?

MATTI

03/09/2023, 8:21 PM

Can't seem to find any information on realtime filters in the docs. Am I super blind or is it hidden somewhere?

Constraints on auth table meta data

drewbie

03/09/2023, 8:51 PM

Is it possible to create a constraint around meta data that gets added to an auth user? In my particular case, I am using the username from auth signup, to assign it to the username column in my public accounts table. I have constraints set up on the username column on my accounts table and Id like to mirror those same constraints on the auth table. Is this possible? Thanks!

Updating auth.user metadata after sign up?

jabza

03/09/2023, 9:32 PM

I am new to Supabase and would like to update a 'roles' variable inside the .user_metadata field. Can this be done outside of sign up stage? Thanks!

is it now possible to set mime type and file size limit by bucket?

jopfre

03/09/2023, 10:41 PM

I can see this PR has been merged: https://github.com/supabase/storage-api/pull/277 not seeing anyway to make these changes in the UI though? has this been rolled out yet? or perhaps there is no UI, in which case how to set mime type and file size limit on a bucket?

Find table A entries when not exist entry on foreign key table

Luisfnicolau

03/09/2023, 10:45 PM

I have a Table A that has a foreign key to a Table B. (Table B has a one-to-many relation to table A) I need to query Table B where there is no Table A related to it by the API. It's like using LEFT JOIN and query for Table A id = null. There is a way to do that by Supabase JS API?

The resource was not found

goldyman

03/09/2023, 11:28 PM

I searched the possible answers. I understood I have to enable policies for my bucket. I basically gave to every authenticated user access to do whatever in a bucket. I try to upsert with flutter and I receive exception

Copy code

StorageException(message: The resource was not found, statusCode: 404, error: Not found)

my policies for all actions are. I'm stuck and I don't know how to resolve this

Copy code

dart
await _supabaseClient.storage.from('items').update(
              '$userId/${insertedItem.id}.jpg',
              itemFile,
              fileOptions: const FileOptions(upsert: true),
            );

Can you invoke an edge function from inside an edge function?

Psygen

03/09/2023, 11:46 PM

I need to do an external API call for every user in the database on a schedule. Gonna do scheduling / cron with the db function, but how should I set up the edge function? • One giant edge function that gets a list of users and runs API calls for each, synchronously • A smaller edge function that does the API call, and I call the function for each user from the db function • A meta edge function that calls the smaller edge function for each user (cron script only calls the meta one once)

Restart cron task with pause/restore

garyaustin

03/10/2023, 1:10 AM

A cron task runs after a database reset, but on pause/restore of a hosted instance it does not start up again. This seems to mean running the select cron operation by hand in the sql editor again. Any ideas on how to have cron tasks start rerunning automatically after pause/restore? My concern is not so much automatic pause/restore for free instance, but what happens in production free or pro when an upgrade is done.

What exactly does --experimental flag do?

Jinni

03/10/2023, 1:35 AM

What exactly does --experimental flag do?

Select with Count option returns null when using Next 13 server components

Zerro

03/10/2023, 1:54 AM

Hi! I'm trying out the new Next 13 app directory with supabase. Following this https://supabase.com/docs/guides/auth/auth-helpers/nextjs-server-components, I have setup server side supabase client. All the server side queries worked fine except when I did:

Copy code

javascript
const {data, error} = await supabase
    .from('<table name>')
    .select('*', { count: 'exact', head: true })

Here, data returned is null. When I removed head (or set it to false), it returns data without any count as if I did not included the count option at all. Maybe this is issue with getting count from

Content-Range

HEAD

request and that there is issue with Next 13 parsing the header?

Copy code

javascript
export const createClient = () =>
  createServerComponentSupabaseClient({
    headers,
    cookies,
  })

Just curious if anyone else is having the same issue.