Hi, I want to run raw sql queries against postgres, but still use the jwt authentication provided by gotrue. Is the verification of the jwt taking place in a postgres function or do I have to verify the jwt against gotrue first?

I've used supabase last year and had no problems. Started using it again and I get an error: "permission denied for table users" when I run a trigger to insert the email to a public.users table after someone signs up. There is no rls on the users table so this seems weird to me This is the code: -- inserts a row into public.users CREATE FUNCTION public.handle_new_user() RETURNS TRIGGER LANGUAGE plpgsql SECURITY DEFINER SET search_path = public AS $$ BEGIN INSERT INTO public.users (email) VALUES (new.email); RETURN new; END; $$; -- trigger the function every time a user is created CREATE TRIGGER on_auth_user_created AFTER INSERT ON auth.users FOR EACH ROW EXECUTE PROCEDURE public.handle_new_user();

I'd like to start a discussion here to nail down the best way to handle multiple user types in Supabase Auth. This is the only resource I've found, and it contains possible ways in doing so, but does not use separate user tables (which may or may not be ideal): https://github.com/orgs/supabase/discussions/12647 Let's start with a use-case and work from there. I own a mobile parking app, so we'll use that as an example: - Mobile app for customers who park their vehicles - Administrative dashboard for parking authority users who will have roles/permissions per parking authority - Administrative dashboard for users who administer the system itself (company owners) In AWS Cognito, it would be common to create 3 separate user pools for this to keep the user types and their respective properties separate. So there would never be crossover between say a customer user and a full system administrator (nor should there be). It would be ideal to keep these concerns separated for the following reasons: - Keeping them fully separate would severely reduce the likelihood of security issues regarding privilege escalation from a customer user to a full system administrator - It's very common for different types of users who perform very different actions to have different properties on the user table (you could use a meta table for that if desired) - If you wanted to delete an administrative user, and that user also happened to have a customer user account, you wouldn't want it to delete the customer user account as well. You would just want to revoke all of their administrative presence. - You wouldn't want password changes, etc to affect their other accounts when that wouldn't be the desired or expected behavior My Supporting Misc Thoughts: - Semantically, the 3 user interfaces would seem like 3 separate applications, but there's really no reason to provision, pay for and maintain 3 Supabase instances JUST to get around this, especially when there will be a ton of shared logic on the backend - I don't yet know where all the limitations are regarding Supabase Auth and its connection to Postgres, but it seems like it would be ideal to have 3 auth user tables and some flag that tells the sign ups and queries which user table to use. Let's chat!

const { error } = await supabase .from('events') .update(data) .eq('id', eventId); However when I make this call, I'm getting this error: {"code": "21000", "details": null, "hint": null, "message": "UPDATE requires a WHERE clause"} My data and eventId variables on an example call look like this: "eventId": 99 "data": {"resolved_at": "2023-04-19T00:57:52.221Z", "status": "resolved", "updated_at": "2023-04-19T00:57:52.221Z", "winning_outcome_id": 162} Can anybody help me debug?

Hello, Why I get this error ?

error: bouncer config error

setup

const pool = new Pool({
    host: 'db.xxx.supabase.co',
    user: 'postgres',
    database: db_name ?? 'postgres',
    password: 'xxx',
    ssl: { rejectUnauthorized: false },
    port: 6543,
    min: 0,
    max: 10,
    createTimeoutMillis: 8000,
    acquireTimeoutMillis: 8000,
    idleTimeoutMillis: 0,
    connectionTimeoutMillis: 0,
    reapIntervalMillis: 1000,
    createRetryIntervalMillis: 100,
  });

  return pool;

New dev here. As soon as I introduce the supabase_flutter 1.7.0 library into the project, I immediately have build issues. In both iOS and Android. What's the deal ? #1006358244786196510 [ ――― TEMPLATE END ―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――― [!] Oh no, an error occurred. Search for existing GitHub issues similar to yours: https://github.com/CocoaPods/CocoaPods/search?q=dlopen%28%2FLibrary%2FRuby%2FGems%2F2.6.0%2Fgems%2Fffi-1.15.5%2Flib%2Fffi_c.bundle%2C+0x0009%29%3A+tried%3A+%27%2FLibrary%2FRuby%2FGems%2F2.6.0%2Fgems%2Fffi-1.15.5%2Flib%2Fffi_c.bundle%27+%28mach-o+file%2C+but+is+an+incompatible+architecture+%28have+%27x86_64%27%2C+need+%27arm64%27%29%29%2C+%27%2FSystem%2FVolumes%2FPreboot%2FCryptexes%2FOS%2FLibrary%2FRuby%2FGems%2F2.6.0%2Fgems%2Fffi-1.15.5%2Flib%2Fffi_c.bundle%27+%28no+such+file%29%2C+%27%2FLibrary%2FRuby%2FGems%2F2.6.0%2Fgems%2Fffi-1.15.5%2Flib%2Fffi_c.bundle%27+%28mach-o+file%2C+but+is+an+incompatible+architecture+%28have+%27x86_64%27%2C+need+%27arm64%27%29%29+-+%2FLibrary%2FRuby%2FGems%2F2.6.0%2Fgems%2Fffi-1.15.5%2Flib%2Fffi_c.bundle&type=Issues If none exists, create a ticket, with the template displayed above, on: https://github.com/CocoaPods/CocoaPods/issues/new Be sure to first read the contributing guide for details on how to properly submit a ticket: https://github.com/CocoaPods/CocoaPods/blob/master/CONTRIBUTING.md Don't forget to anonymize any private data! Looking for related issues on cocoapods/cocoapods... Error output from CocoaPods: ↳ Searching for inspections failed: undefined method `map' for nil:NilClass [!] Automatically assigning platform

iOS

with version

11.0

on target

Runner

because no platform was specified. Please specify a platform for this target in your Podfile. See

https://guides.cocoapods.org/syntax/podfile.html#platform

. Error running pod install Error launching application on iPhone 14 Pro Max.]

Hi all, I'm trying to make a trigger to delete auth_user when there's a deletion on data in one table. For example, I have a table called users and this table contains extended data from the auth_users data. Whenever there's deletion in the users table, it will trigger automatically to delete the auth_users in relation with the data that have been deleted from the users table. My query is as following but it displayed invalid SQL query. Still learning how to write query properly, apologies in advance. CREATE or replace function delete_user() returns void LANGUAGE SQL SECURITY DEFINER AS $$ --delete from public.profiles where id = auth.uid(); delete from auth.users where id = auth.uid(); $$; CREATE trigger users after delete id on users for each row execute procedure delete_user();

I am currently trying to create a database for a social media app, and I am struggling with creating a function for when a new user is created. When a new user is created, I want the user to provide their email, password, and username. I am using Draftbit to structure my requests using JSON format. { "email": {{signupEmail}}, "password": {{signupPassword}}, "data": { "username": {{username}}, } } I want to create a function to insert the id, email, and username into a table. I have tried messing with it, but it always gives 500 error messages. Here I have provided the definition that I have for my function: begin insert into public.users (user_id, email, username) values (new.id, new.email, new.raw_user_meta_data->>'username'); return new; end;

Due to some egregious useEffect react code that ran in a loop, I made some 300,000 download requests to a storage bucket for a 30 kb image in my supabase project (about 24 hours ago). However, this appeared to not approach anywhere near the total egress limit, until about a few minutes ago when it suddenly said project has exceed usage limits. How can I verify what the cause of the sudden ~5gb egress is?

I created a table using ui and another using sql.But the table created using ui is only exposed in graphql. The other one is not exposed. And the graphql client says that { "data": null, "errors": [ { "message": "Unknown field \"departmentsCollection\" on type Query" } ] }

Hi there I'm using Discord to login with supabase redirects url. I'm already get these field in the callback url. I'm trying with https://discord.com/api/users/@me and set the access_token in the bearer token but still got Unauthorized.

{
  "message": "401: Unauthorized",
  "code": 0
}

Hello, I am working on one of my supabase projects and just realised that I exceeded

storage egress

by 2.5gb, however it was only me and its been less than 2 weeks. I do have a lot of images to work with, but surely 1 user can't consume that much anyways or can they?

Hey everyone. I just created a table called "users" which i store user id and email. and I'm managing it from my flask app. first time i tried inserting the data from my app i got the `` {'code': '42501', 'details': None, 'hint': None, 'message': 'new row violates row-level security policy for table "users"'} `` error and then findout i need to create a policy. then i created this policy but it still doesn't work

CREATE POLICY "Allow authenticated users" ON "public"."users"
AS PERMISSIVE FOR ALL
TO authenticated
USING (true)
WITH CHECK (true)

i just want to be able to fetch the data and insert data from my app. it's a simple app and i'm the only one having access to my supabase dashboard.

I have a database table called ``posts`` which has a foreign key to the auth.users table on ``author_id``. How do I generate a Typescript query that joins that user object with the post? So that the json would look like this:

json
{
  error: null,
  data: {
    id: 10,
    created_at: '2023-04-18T23:19:26.106773+00:00',
    title: 'This is a title',
    content: 'This is content',
    images: [],
    author: {
      email: "...",
      ...
    }
  },
  count: null,
  status: 200,
  statusText: 'OK'
}

I see on the supabase edge functions website (https://supabase.com/edge-functions) that database webhooks are supported --> "Invoke Edge Functions based on any event in your database." I am trying to find some documentation on this and have been unsuccessful so far. Can someone please point me to the right place?

I have a 'Posts' table that foreign keys a user in Supabase Auth. How do I consistently 'retrieve' a Post with the user entry too? An example: I have a component that takes a 'Post' instance as a prop. How does this component render, for example, the author's email? Currently the post model only shows the author's ``id``, which isn't very useful for frontend.

I asked ChatGPT, which recommends varchar, do you agree? Can I run into troubles by selecting varchar today? I didn't find how/where to set the char limit when using varchar.

Hi, I am trying to have the session established on the server side first-render using cookies in my NextJS app. I have the cookie which clearly contains the Auth session - how would I go about providing the 'initalSession' object for EssionContextProvider? Thank!

Right now I am using the auth schema users.id as my foreign_key in all my tables. I have the standard 'profiles' table which serves the purpose of saving user data in my public schema. But instead of using the profile_id in other public tables, i am using the user_id. The problem i'm running into is when i want to run a query that requires a join (for example to fetch data from the profiles table and from some extra_data table) I want to use the user_id column to join them, but the standard easy supabaseJS syntax isn't detecting a foreign_key relationship because technically there isn't one between these two tables. They both are using user_id as their foreign_key. The question is, is there some syntax i can use to indicate that the join should happen on this user_id column? Have i made a mistake in setting up my database and perhaps user_id should only be used on my profiles table, and everywhere else i should be referencing profile_id? I thought it would make sense to use user_id everywhere since I always have it from the supabase session. I didn't want to have to query the profile table if i wasn't selecting data from it.

I have a 'posts' table that foreign keys a 'profiles' table through an ``author_id`` uuid. When I run the CLI command to get my ``schema.ts`` file, there is no sign of a type matching my foreign key table. How do I access this field in typescript without errors stating the field does not exist

Hi everyone, I am having trouble implementing a new policy. There is a table1, with a foreign key from auth, users table (id) I want to be able to update it, to change the user that is link to the row of table 1, to a unique value. For now, i can update other column but not the foreign key one. I just want my edit to modify the table 1 and do nothing on the user one, except checking if user exist. Any help?

When I try to update values to NULL with nil, they're ignored

Context: 1) NEXT_PUBLIC_SUPABASE_URL and NEXT_PUBLIC_SUPABASE_ANON_KEY are defined in .env.local in the root of my NextJS project. 2) In my _app.js (as reccomended by Supabase documentation) is where I call createBrowserSupabaseClient() in a supabaseClient useState variable. Problem: But, when I try to run the app in dev mode, I get this error:

Error: either NEXT_PUBLIC_SUPABASE_URL and NEXT_PUBLIC_SUPABASE_ANON_KEY env variables or supabaseUrl and supabaseKey are required!

Can someone tell me what I'm missing? I've also defined a server side client with createClient() in root > utils > supabase.js (also attached).

I cannot use the Supabase nodejs module because I'm running a script in the context of an Airtable automation. Can I run an upsert operation using either of the REST/GraphQL api directly? How can I do that?

I have a column "authPIN" which is always 6 chars. How do I enforce this at the database level? I tried asking Copilot, but it either uses "varchar" which isn't what I want (apparently, varchar shouldn't be used, and regardless, it would only help handle the max length, not the min length)

Hello, I'm trying to send a security notice email via an edge function when a user authenticates, but I only want this to happen on fresh sessions, not refreshes. If I trigger on auth.sessions INSERT would this achieve that or are there other scenarios where an INSERT would fire? Thanks!

The password reset link on the login page of supabase does not send emails. I have been trying to get my password reset for some time now, but no email allowing me to rest my password arrives

what is considered 'authenticated' in the user roles? Is this the authenticated role in the users auth table or just when the supabase JWT is passed for a session? I had to setup custom auth using

next-auth

and followed this guide. I'm sending

role: authenticated

in the supabase JWT so these users would be detected in RLS as authenticated correct? https://authjs.dev/reference/adapter/supabase#enabling-row-level-security-rls

I am currently building a Chrome Extension and would like to leverage my existing website for authentication. I have tried passing the refresh and access tokens using `onMessageExternal `and use `setSession `but that does not seem to sign in the user on the chrome background script side. Any suggestions?

The docs say there should be a transfer ownership function in the project settings but I don't see anything. I want to transfer a project from my hobby org to my paid org. Any thoughts?