This is my 3 tables: rikishis: id: int8 shikona: [] tournaments: id: int8 banzukes: id:int8 tournament_id rikishi_id Given that i have a "tournament_id" and a "shikona", i would like to get the rikishi_id. Thanks

I am just trying to follow the tutorial but I get this error when I try to run the user management starter pack https://supabase.com/docs/guides/getting-started/tutorials/with-flutter

I've had a decent look through the doc and the python supabase doesn't have anything as far as I can see for sending a password reset or email verification on demand. Is there a way I can pass in a specified email similar to the sign in function and it'll reset the password from that?

With earlier versions I got auth to work in a heartbeat but now with 0.9 I can't get it to work. I've followed the documentation but when I submit my form nothing happens. Anyone has an idea what's going on or what I could do? Thanks

Following the guide: https://supabase.com/docs/guides/auth/social-login/auth-keycloak Through this flow does Supabase support the request of the JWK to validate tokens? And OpenID endpoints (

.well-known/openid-configuration

)? In other words does this auth helper retrieve the JWKs from the url in the well known open id configuration endpoint to verify the signature of the token issued by keycloack and refresh the tokens?

As the title suggest how do i make the social button for azure use the microsoft logo and not azure logo when using auth-ui-react and auth-helper-react?

Hey I recently switched over from Firebase🥳 . I used to be able to listen to

FirebaseAuth.instance.authStateChanges()

in the StreamBuilder and if I was not logged in the connection completed without data and I was sent to the

Login

page, vice vera if I was logged in the connection completed with data and I was brought to the

Home

page. However I'm trying to use

Supabase.instance.client.auth.onAuthStateChange

the same way but it seems that it does not work the same. How can I achieve what I had with Firebase in Supabase, or is there an alternative I'm missing?

dart
class MyApp extends StatelessWidget {
  const MyApp({super.key});

  @override
  Widget build(BuildContext context) {
    return MaterialApp(
      title: 'Communion',
      theme: CustomTheme.lightTheme,
      home: StreamBuilder<AuthState>(
          stream: Supabase.instance.client.auth.onAuthStateChange, //used to be FirebaseAuth.instance.authStateChanges()
          builder: (context, snapshot) {
            if (snapshot.connectionState == ConnectionState.waiting) {
              return const Center(child: CircularProgressIndicator());
            }
            else if (snapshot.hasData) {
              return const Home();
            }
            else {
              return const LogIn();
            }
          }
      ),
      routes: {
        '/login': (context) => const LogIn(),
        '/signup': (context) => const SignUp(),
        '/profile': (context) => const Profile(),
      },
    );
  }
}

When inserting to feature table using REST api and a Authentication Bearer token it works. However, when using supabase javascript library it does not. I get a 'new row violates row-level security policy for table "feature"' error. Here is the row level security rule: CREATE POLICY "Enable insert for authenticated users only" ON "public"."feature" AS PERMISSIVE FOR INSERT TO authenticated WITH CHECK (true) Here is the relevant code: import { Injectable } from '@nestjs/common'; import { createClient, SupabaseClient } from '@supabase/supabase-js' @Injectable() export class AppService { supabase: SupabaseClient constructor() { const apiKey = this.supabase = createClient(process.env.SUPABASE_URL, process.env.SUPABASE_ANON_KEY) //log the user in this.supabase.auth.signInWithPassword({ email: process.env.TEST_USER_EMAIL, password: process.env.TEST_USER_PASSWORD }).then((resp) => console.log("user logged in. Logged in data: ", resp.data )) } async createFeature() { const {data, error} = await this.supabase .from('feature') .insert([{ name: 'new feature' }]) if (error) throw error return data } } Can any one tell why I keep getting 401 error when using the JS library whereas it works fine for the REST api?

Here's the code:

result = client.storage().list_bucket()

Reference: https://supabase.com/docs/reference/python/storage-createbucket

How do I check a broadcast sent on realtime channel was originated from same user?

There seems to be an issue with the generated types when using

supabase.rpc()

. I have the following types for my database function:

typescript
Functions: {
      search_by_placename: {
        Args: {
          search_query: string
        }
        Returns: {
          id: string
          placename: string
          municipality: string
          province: string
          coords: string
        }[]
      }
    }

As you can see, this returns an array with some object properties. However, when calling this method using

supabase.rpc()

the array type is duplicated, resulting in

[][]

(a nested array):

typescript
const data: {
    id: string;
    placename: string;
    municipality: string;
    province: string;
    coords: string;
}[][] | null

Is this a bug?

Hey, I am having tough time architecting my app. Suppose i have table name

public.users

. In this table if frontend calls

supabase
      .from('users')
      .select('*')

then It should only return user with email which is in supabase header token have but if it is called by backend it should return all the rows. What would be the policy I should add in attached screenshot below Consider the token to be this

const userDetails = {
      name,
      email,
    };
    const token = jwt.sign({ ...userDetails }, SUPABASE_JWT_SECRET || '');

and this is how I am creating supabase client

createClient<Database>(
      VITE_SUPABASE_URL,
      VITE_SUPABASE_ANON_KEY,
      {
        global: {
          headers: {
            Authorization: `Bearer ${token}`,
          },
        },
      }
    );

Wondering if anyone has had any issues with Next 13, running revalidate on a component using await supabase. I'm retreiving data from supabase, if I revalidate = 0 then I always get fresh data, however if I use webhooks / api call to trigger the revalidate (it seems to run and work) however I get stale data. This is likely an issue with Next/CDN caching... But wondering if anyone here has gotten this issue and how they solved it ? I'm following supa base youtube tutorials

I've never worked with edge functions before, but I'm assuming it's the only way to send requests to Plaid's API without unwrapping a separate backend service? Could you please point me to the right direction? What should I look into? How would a request look like? Thank you.

We've been using magic links since the beginning. Now we're adding an option for Google sign in, but getting this error. It happens when a user that has already logged in with magic links before, tries to log in with Google.

failed to close prepared statement: ERROR: current transaction is aborted, commands ignored until end of transaction block (SQLSTATE 25P02): ERROR: duplicate key value violates unique constraint "users_email_partial_key" (SQLSTATE 23505)

Is there any way to match the email, find the right user and then log them in?

After following the documentation (https://supabase.com/docs/guides/auth/auth-helpers/sveltekit#basic-setup) for the

auth-helpers-sveltekit

everything works except the header component.

<!-- src/lib/components/Header.svelte -->
<script lang="ts">
  import type { Session } from '@supabase/supabase-js';

  export let session: Session | null;
</script>

{#if !session}
  <h1>I am not logged in</h1>
{:else}
  <h1>Welcome {session.user.email}</h1>
  <p>I am logged in!</p>
{/if}

In the console I get:

<Header> was created without expected prop 'session'

. Thanks

Im trying Trying to connect my first Postgres database provided by Supabase to a Prisma project. When I try and use - ``npx prisma db push`` I'm running into the error - ``Error: Migration engine error: db error: FATAL: SASL authentication failed`` I'm not sure where things are going wrong, Ive followed the installation and migration docs. Ive added the database URL along with the password. Im using my Mac, has anyone else come across this problem?

Hi when using foreign tables I am un able to set policies for the table once created? See screenshots attached: I am a bit confused as the permissions in postgres are identical so I'm unsure why the studio webui is unable to interact/list them to add use them in REST/GRAPHQL APIs

Hi, I have had no problems with RLS client-side in my app but need to move my calls server side. I have been unable to get it to work no matter what despite using the official next auth helpers docs, hoping for some help to understand how to get my session / jwt associated with the second call to "user_profiles_view". The code is as follows:

export const getServerSideProps = async (ctx) => {
  // Create authenticated Supabase Client
  const supabase = createServerSupabaseClient(ctx);
  // Check if we have a session
  const {
    data: { session },
  } = await supabase.auth.getSession();
  const userId = session.user.id;

  console.log("session:", session);

  const { data } = await supabase
    .from("user_profiles_view")
    .select("*")
    .eq("id", userId)
    .single();

  console.log("userId", userId);
  console.log("profileData", data);

  if (!session)
    return {
      redirect: {
        destination: "/",
        permanent: false,
      },
    };

  return {
    props: {
      initialSession: session,
      user: session.user,
      profileData: data ?? [],
    },
  };
};

I have a SELECT policy for authenticated users using this code:

can_access_workspace(id, auth.uid())

The function code for that is here:

sql
CREATE OR REPLACE FUNCTION public.can_access_workspace(
  workspaceId uuid,
  uid uuid
)
RETURNS boolean
LANGUAGE plpgsql
SECURITY DEFINER
SET search_path = public
AS $$
DECLARE
  w workspaces;
BEGIN
  SELECT * INTO w FROM workspaces WHERE "id" = workspaceId;

  IF uid = w.owner THEN
    RETURN true;
  END IF;

  IF EXISTS (
    SELECT * FROM workspace_members 
    WHERE workspace_members."user" = uid 
    AND workspace_members.workspace = w.id
  ) THEN
    RETURN true;
  END IF;

  RETURN false;
END;
$$;

If I test it with

SELECT can_access_workspace('721e2689-ce82-42ef-b78a-c591f8832484', '812052d6-9948-43d0-a5ad-8bf1f1bae5b2')

it works fine (returns true), but using it in the RLS policy doesn't seem to work. I'm fetching all

workspaces

and nothing is returned. What am I doing wrong?

I am using AI ids for some of my tables which have RLS for anyone who is authenticated. My concern is someone could just go in the console and auto increment the ids to easily find the next value. It is not much of a security concern, but would allow easy data scraping. I know I can prevent this using UUIDs, but for performance reasons I prefer bigint ids. Is there a way to prevent the ids from being returned? I know I could potentially create a view or edge function, but I'm wondering if there is an easier way. Thanks!

I've set up Supabase with Prisma following the steps according to https://github.com/prisma/prisma/issues/17734 - so Prisma is in Sync now with Supabase DB. But when I try to invite a new user using Supabase Admin User invitation tool I get an error (in the top right corner) saying

Failed to invite user: failed to make invite request: Database error finding user

also when I switch to the Storage page I get

Internal Server Error

. Does anyone has an idea what happened here? Thanks!

Hello, In my Supabase project I have 3 different tables for users, Customers, Tenants and Employees. I want entry's in the customers and tenants table to be made depending on where the user signed up. So a customer row would be made if the user signed up from the customer portal and a tenant would be made from a sign up on the business portal. An employee could only ever be created by a tenant in my dashboard/admin panel. All 3 tables have different schemas and would require different meta data to be inserted on creation. For example customer has customer_id (PK), first_name, last_name, email, contact_number, auth_id (auth.user id FK) A tenant has tenant_id (PK), auth_id (auth.user id FK) business_name, description, address, contact_phone A employee has employee_id (PK), auth_id (auth.user id FK), tenant_id (tenant id FK), first_name, last_name, role. I'm struggling to think how to do this securely with triggers, policies and functions or even the best way to achieve what I want. The database side isn't my strongest so any help or guidance would be greatly appreciated. I'm using the Javascript API but also have a Go backend if needed.

How do I use variables which are array of uuids in my query with IN clause in where condition, I tried making array and using it with ANY then it fails with empty array.

As stated, it gives a rate limit exceeded. Restarting the project didnt help. There is no SMTP involved in login with password.

Hey, I'm trying to build a Skype-like application with chats and video calls in Angular, using Supabase of course and WebRTC. Is there any example of someone who has done something similar?

hey does this mean that everything in the supabase client will be available public? if so how to only make it serverside At the moment, the entire supabase client is passed via page data, i dont want that to happen

Using Nextjs + Supabase 1) The situation: I'm currently implementing the signInWithOAuth feature wityh "google" as provider. 2) The problem: when I click on the "sign up" button and select the google account I want to use, I'm still being redirected to the login page. 😓 3) The Request: Please, help me out. I've been trying to solve this for a day now. Thanks, You have a Great Product!

I've enabled the:

GOTRUE_SECURITY_UPDATE_PASSWORD_REQUIRE_REAUTHENTICATION

, but now my users can't really use reset password workflow due to: "Password update requires reauthentication" error when they're shown password update form (after they've clicked password reset e-mail). Is the reauthentication feature for

password change

compatible with the

password reset

workflow?

JS library 1.35.7 working code: import { Injectable, UnauthorizedException } from '@nestjs/common'; import { createClient, Session, SupabaseClient } from '@supabase/supabase-js' @Injectable() export class AppService { supabase: SupabaseClient session: Session constructor() { const apiKey = this.supabase = createClient(process.env.SUPABASE_URL, process.env.SUPABASE_ANON_KEY) //log the user in this.supabase.auth.signIn({ email: process.env.TEST_USER_EMAIL, password: process.env.TEST_USER_PASSWORD, }).then((resp) => { console.log("user logged in. Logged in data: ", resp.session ) this.session = resp.session }) } async createFeature() { const session = await this.supabase.auth.session() if (!session?.user) { throw new UnauthorizedException("User is not logged in") } const {data, error} = await this.supabase .from('feature') .insert([{ name: 'new feature' }]) if (error) throw error return data } } JS library 2.12.1 failing code with exception UnauthorizedException: @Injectable() export class AppService { supabase: SupabaseClient session: Session constructor() { const apiKey = this.supabase = createClient(process.env.SUPABASE_URL, process.env.SUPABASE_ANON_KEY) //log the user in this.supabase.auth.signInWithPassword({ email: process.env.TEST_USER_EMAIL, password: process.env.TEST_USER_PASSWORD, }).then((resp) => { console.log("user logged in. Logged in data: ", resp.data.session ) this.session = resp.data.session }) } async createFeature() { const session = await this.supabase.auth.getSession() if (!session?.data?.session) { throw new UnauthorizedException("User is not logged in") } const {data, error} = await this.supabase .from('feature') .insert([{ name: 'new feature' }]) if (error) throw error return data } }