I have a PostgreSQL database on Supabase, and I have setup the necessary RLS policies on my database tables. Supabase provides official modules to be used in JavaScript and some other languages, but I want to be able to interact with my database from my back-end server written in Go, while taking advantage of the RLS policies I've set (users can only access rows with their own information). I'm trying to use this module https://pkg.go.dev/github.com/supabase/postgrest-go, however I find it quite hard to use as there is no clear documentation on it (documentation for basic CRUD commands takes you to the one for the JS library which returns less values and requires less parameters than this one). I've also seen https://github.com/nedpals/supabase-go, but I want this to be on my server-side code. I feel like too many clients will have to be created as authenticated users will only be able to access certain rows based on the RLS policies. I am aware that I can use the standard database/sql library or a pgxpool, but that will mean my RLS policies are useless as I have to manually set it in the WHERE clause, and I'll probably have to use my service_role key to bypass RLS because apparently RLS is necessary I believe (may have misinterpreted the sentence, please correct me if I'm wrong) Please can you recommend me a module which you think would be suitable for my needs - I think a Postgres one will be most suitable but the one I've tried from the Supabase community is confusing, so let me know if you have any guidance on that either. Thanks in advance 🙂 TL;DR - I need help finding a suitable SQL client module for Go back-end which allows me to use my Postgres RLS policies (like Postgrest client)

trying to let users sign in from multiple places ... so having multiple sessions ... also i plan to let the sign out of each session independently ... happen to know if this is possible?

in the email that is sent, i want to change ".confirmationURL" to something else. If they click on the link, their email will be verified. How would I got about this ?

In my code (screenshots attached), I have a useEffect() whose dependency array includes a supabase channel and a react state. In this example, it appears that only the code within the broadcast event handler gets executed and not the other portions of the useEffect() code. (e.g., console.log(other code). Further, if I remove 'changesInUI' from the dependency array the broadcast event handler (e.g., console.log(payload)) is never executed even when a broadcast event is sent. So I am wondering what I could be doing wrong here as I don't believe this is the expected behavior.

I was following this tutorial: https://supabase.com/docs/guides/getting-started/tutorials/with-sveltekit And I came across this code:

ts
export let data: LayoutData

$: ({ supabase, session } = data)
...
onMount(() => {
    const { data } = supabase.auth.onAuthStateChange((event, _session) => {
        if (_session?.expires_at !== session?.expires_at) {
            invalidate('supabase:auth')
        }
    })

    return () => data.subscription.unsubscribe()
})

I'm trying to figure out why I even need

onAuthStateChange

at all? I already have the session variable from the server... if I need to re-fetch data, won't it just automatically update the session on the server? When would a session created on the server and passed to the client not be equal to each other? I'm confused why this is here... J

Is there any swiftUI google oauth example code that i can get help? https://github.com/supabase-community/supabase-swift i tried to follow documentation, but it was hard to implement it. Especially, i couldn’t figure out which url should i put in callback url.

Hi team, I'm starting a project using NextJS 13 and supabase-js (deploying on Vercel). I'm very new to supabase so any pointers at all in how to debug the following issue is greatly appreciated: I have a (nextjs 13) route API handler in which I am trying to retrieve the current user in order to set a

created_by

field when inserting an item. I have followed this guide: https://supabase.com/docs/guides/auth/auth-helpers/nextjs-server-components#route-handlers. However, when I use either

createRouteHandlerSupabaseClient

or

createServerSideClient

to get the client, they both give me

{"data":{"session":null},"error":null}

when I use

client.auth.getUser()

. I also tried getting the session with

client.auth.getSession()

, but that gave me:

{"data":{"user":null},"error":{"name":"AuthApiError","message":"invalid claim: missing sub claim","status":401}}

. I should note that I tested retrieval of the user/session in three other spots: 1) app shell layout that sets up the SupabaseProvider/SupabaseListener, 2) middleware, and 3) client-side components. All of them successfully get the user as expected. See screenshots for that code. FWIW another strange behavior is that the route handler works correctly on local but not on the staging environment. TIA!

Hi all., I am trying to create the index but getting the following error - "An error has occurred: Failed to fetch" Code to creating the index- " create index on public. using ivfflat ( vector_cosine_ops) with (lists = 100); " It was earlier working but not now. Table have more than 500K rows if it makes any difference?

[Problem Solved!] Check this message: https://discord.com/channels/839993398554656828/1099963752104873985/1100321865613971477 Hi everyone, I am new to Flutter and Supabase. I am trying to upload my images into supabase bucket, I copied the code from the supabase docs and used it in my code when I try to upload the image, I am getting the below message. [ERROR:flutter/runtime/dart_vm_initializer.cc(41)] Unhandled Exception: StorageException(message: jwt must be provided, statusCode: 400, error: jwt must be provided) I don't even know what is JWT, can anyone please help me to solve this?

In realtime does this supabase.channel('public:countries:id=eq.200') this "public:countries:id=eq.200" string has any usage . For example, if I change this string to uid then?

Hello dear Supabase-Community. I'am currently building a flutter-app with Supabase for my backend. Everything works so far, but when Signing-In with google/facebook, i always get redirected to a external Browser. Is there a way to have a internal browser as a Pop-Up, so everything stays in my App? Thanks in advance!

I need my app to work on a subdomain eg v1.myapp.com. I'm passing the subdomain via window.location.href as the redirect option:

await supabase.auth.signInWithOAuth({
  provider: "github",
  options: {
    redirectTo: window.location.href,
  },
});

await supabase.auth.signInWithOtp({
  email,
  options: { 
    emailRedirectTo: window.location.href 
  },
});

The login is working except both methods redirect me to myapp.com instead of to the subdomain.

Hi everyone, Our team is relying on an increasing number of non-trivial DB functions for data manipulation, and we've encountered some issues with the developer experience of migrations: - Code reviews are difficult. Whenever something changes in a DB function, the diff contains the whole function instead of only the lines that changed. - Searching the codebase is difficult, since it contains multiple versions of the same DB function. - When two people make changes to DB functions at the same time, they need to make sure that their migrations are merged (and therefore executed in production) in the order of the timestamps. Since code reviews can delay merging, this isn't easy to ensure. I believe repeatable migrations would be a great way to solve these issues: https://documentation.red-gate.com/fd/tutorial-repeatable-migrations-184127625.html Does Supabase's migration system support something like that?

so i have 2 issues running realtime 1) at supabase cli version 1.50.11, supabase realtime image is started as part of

supabase start

but then no docker port is exposed (i believe it should just be 4000)...is this intentional. i get a bunch of failures when attempting to

--exclude realtime

and then cloning the realtime repo and manually running the docker compose but id rather not do all that since its more of a nuisance to develop locally. is there some simple way to expose

4000:4000

with args to

supabase start

or something? 2) supabase sockets in prod arent doing anything. i double checked my server side code is executing:

const realtime = new RealtimeClient(
        process.env.NEXT_PUBLIC_SUPABASE_URL!.includes('localhost')
            ? 'ws://localhost:4000/socket'
            : `wss://${process.env.NEXT_PUBLIC_SUPABASE_PROJ_REF}.supabase.co/realtime/v1`,
        {
            params: { apikey: process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY },
        },
    );
realtime.connect()
const x = realtime.channel('onchain').subscribe();
await x.send({
type: 'broadcast',
event: 'onchain',
payload: { agreementId: agree.id },
});

but i see nothing in the realtime logs in the web studio and the client definitely isnt receiving any events

I am trying to get discord user id of the person that log in with their discord however i can only get their full name Can anyone teach me how to get the discord userid of the user that login? I have tried this: const discordId = user.id (this is getting the user id of supabase) MY HTML:

<div class="navbar">
    <button id="signed" onclick="signin()">Sign in with discord</button>
    <button id="out" class="right" onclick="signout()">Sign out with discord</button>
  </div>
  <p id="name">Not logged in!</p>

MY JS:

const _supabase = supabase.createClient(supabaseUrl, supabaseKey)

       async function signin() {
      const {data, error} = await _supabase.auth.signInWithOAuth({
        provider: 'discord',
      })

      checking()
    }

    async function getName() {
      
      const {data: {user}} = await _supabase.auth.getUser()
  const fullName = user.user_metadata.full_name
      
      
  document.getElementById('name').textContent = `${fullName} `
      checking()
    }

    getName()

    async function signout() {
      const {error} = await _supabase.auth.signOut()
      document.getElementById('name').textContent = "Not logged in!"
      alert("Signed out!")
      checking()
    }

Hello guys I'm actually trying to build a realtime app that uses the supabase_flutter client I'm able to subscribe to the presence channel but i can't send any event final channel = _supabase.channel('presence', opts: s.RealtimeChannelConfig(ack: true, self: true, key: userId)); channel.subscribe((status, [p1]) async { if (status == "SUBSCRIBED") { final presencceStatus = await channel.track( {"userId": userId, "ontline_at": DateTime.now().toIso8601String()}); print(presencceStatus); // Here is the timeout (ChannelResponse.timeout) } }); Can't figure out what is the issue. please help

This might be more a monorepo/pnpm question, but I am curious if anyone here already tackled something like this: I have a frontend app (sveltekit) inside of which I export various typescript helpers and types. Assuming these do not rely on npm dependencies, is there a clean way to reuse them in my edge functions, maybe with a pre-bundling step before deploying the functions? Thank's y'all!

I am getting error calling

supabase.storage
          .from('public')
          .upload(file.name, file)
          .then(({ error }) => {
            console.log('upload error', error)
            if (error) {
              snackbar.error(
                'There was an error uploading the file, please try again later',
              )
              return
            }
          })

and got

Object { statusCode: "500", error: "Database Error", message: 'invalid input syntax for type uuid: "user_2OHvEF7KJkNHo7fIirckoCSf9D4"' }

Note that my requests is normal in non storage operations, and looks like supabase storage is going through a different auth that reads sub field in the JWT token, I tried remove all the RLS in storage and the problem still exist (it is not related to RLS, the problem seem to happen before that). I decoded the JWT token in the header, and the

sub

part is the user id starts with

user...

, I am wondering if this can be resolved by defining some kind of custom function in storage to resolve that.

Hi *, I have a public bucket "avatars" to store user-avatars. Now I'm about to store each user's avatar with object.name == user.id. This way I can do a simple upsert every time a user wants to upload/update the avatar. To ensure users can update their own avatars only, I added RLS policies which compare

auth.uid()

with

objects.name

. To know whether a certain user actually has uploaded an avatar while showing/listing (without joining data or producing N+1 queries), I added a flag

has_avatar

to my

profiles

table. To automatically keep track of that flag, I added the following functions + triggers, to update the flag accordingly on every upload/delete of an avatar:

CREATE OR REPLACE FUNCTION public.set_profiles_has_avatar_flag()
 RETURNS trigger
 LANGUAGE plpgsql
AS $function$BEGIN
  UPDATE public.profiles
  SET has_avatar = true
  WHERE id::text = new.name;

  RETURN new;
END;$function$
;

CREATE OR REPLACE FUNCTION public.unset_profiles_has_avatar_flag()
 RETURNS trigger
 LANGUAGE plpgsql
AS $function$BEGIN
  UPDATE public.profiles
  SET has_avatar = false
  WHERE id::text = new.name;

  RETURN new;
END;$function$
;

CREATE TRIGGER set_profiles_has_avatar_trigger AFTER INSERT ON storage.objects FOR EACH ROW EXECUTE FUNCTION set_profiles_has_avatar_flag();

CREATE TRIGGER unset_profiles_has_avatar_trigger AFTER DELETE ON storage.objects FOR EACH ROW EXECUTE FUNCTION unset_profiles_has_avatar_flag();

The first one (setting the flag) works like a charm, but the flag doesn't get unset on delete. (The function is actually being called, tested by test-wise producing an error within it) I don't geeeeeet it. Any ideas? 🙂

I've been tearing my hair out all afternoon trying to use Supabase in Next.js 13 route handlers. I've followed the docs to the letter and copied the example from the github repo, but I can't seem to get it to work... I'm using the Next.js App Auth helpers. Essentially, I'm making a GET request to a route handler (API endpoint) from the client side of my app where the user is logged in. I can see the session data in the browser and easily access it using supabase.auth.getUser(). In my middleware I've eventually discovered that when I make a request from the client, no supabase cookies or headers are being sent (file attached with the request data). This is the reason that no session is being returned and so why everything is failing. What am I missing? Am I supposed to send the supabase cookie data myself? Images attached of my set up https://cdn.discordapp.com/attachments/1100093690267041843/1100093690455801947/api-request.txt

following this tutorial: https://supabase.com/blog/transparent-column-encryption-with-postgres , I created a table like this:

create table api_keys (
  id bigint generated by default as identity primary key,
  created_at timestamp with time zone default timezone('utc'::text, now()) not null,
  updated_at timestamp with time zone default timezone('utc'::text, now()) not null,
  name text,
  apikey text,
  key_id uuid not null DEFAULT 'a-value-here'::uuid
);

SECURITY LABEL FOR pgsodium
    ON COLUMN api_keys.apikey
    IS 'ENCRYPT WITH KEY COLUMN key_id';

However when I try to insert into the table I get the error: ``"permission denied for function crypto_aead_det_encrypt"`` Any ideas what the problem is??

I'm in the process of finally getting supabase pro approved by my bosses at work for the usage in future projects. (don't ask why they are so picky about 25 $ a month) one of my bosses had the idea to use some schemas in a DB directly in some mini sites that he's doing and wants to create a user for each schema for security reasons. my question is basically if that is even possible. Parts of Supabase would be treated as a remote SQL DB without using any other feature other than a direct DB connection. with the removal of superuser access i am unsure if this would create issues in the future. thanks for reading 🙂 cheers

I am trying to get a query that is a little bit more complicated than I can handle. I have a "students" table with the basic information for each student. Then I have a "courses" table which obviously gives us all possible courses, and then I have a "speciality" which has the different studies to enrolled. In order to join data, I have a "students_courses" table and "students_specialities". I don't join the three of them in one singular table because it is possible that a student is doing two courses but just one speciality so I keep them separated. Now I am working in a Page where the students are populated and you can filter with courses and specialities. I am using RTK Query to create the endpoint and an endpoint that works is this:

getStudents: builder.query({
            queryFn: async (args) => {
const { course, speciality } = args;

                const {data: rawData, error} = await supabase
                .from('students')
                .select(`
                    *,
                    course:students_courses (
                        course_id (
                            name_course
                        )
                    ),
                    speciality:students_speciality (
                        speciality_id (
                            name_speciality
                        )
                    )
                `);

                const formattedData = rawData.map(student => ({
                    ...student,
                    course: student.course.map(courseObj => courseObj.course_id.name_course),
                    speciality: student.speciality.map(specialtyObj => specialtyObj.speciality_id.name_speciality)
                  }));

              return { data: formattedData, error };
            },
            providesTags: ["Students"]
        }),

I would like to find a way to conditionally add a query if some value comes in args. Something like

.eq("curso_id",curso)

Thank you!

Hey guys! I’m following along with the QuickStart User Management SQL next.js code and I’m wondering if I’m able to get the discord ID for users when they sign up through the Discord provider? I have attempted to extract it but it’s null in my profiles table no matter what I try. Not sure if it’s in the metadata Discord provides. Any help is greatly appreciated!

Hi everyone! I'm building 15 different directory listing websites (each website is different category) and would like to use Supabase for that. My question is, a user can register to site 1 and also to site 2, but the issue is that since he registered to site 1 he will get an error on site 2 for registration since he already exists in Supabase as an auth user. What are my choices with Supabase? I thought of creating multiple projects for each website, but if they will get many traffic and I'll have to upgrade each project, it will cost a lot. Second thing I thought of is creating multiple free projects for each website and use each project auth users, but only one project will be the main one that have all of the data. Appreciate the help!

Hey there, I am deploying kong using docker and fly io. I have my database and GoTrue deployed and talking to each other Is there a way to override the hostname for the auth server / other services, perhaps with env variables?

Hey everyone, surprisingly was not able to find much info about this online, so asking here: Is if possible to use supabase auth with native apple sign in libraries in react-native? These usually return so called "identity token" at the end of user authentication flow, but I can't find any reference in supabase docs about using this identity token with supabase's client js sdk to auth user.

I'm curious if it's possible to setup conditions on the auth table. For example, if I have a "invites" table only emails on that table are allowed to be inserted into the auth table. This way I can create an invite only system for users.

Howdy. As the name implies I have an old SQL database from way back in the day that for all my tables uses int10 for the ID column. I think life would be easier if I used the built UUID stuff now. Problem being I have existing rows and existing relationships. Explain to me like I'm 5 how I can move my IDs over to UUID without disrupting any relationships. I know this is possible I just don't know a ton about databases in general let alone Postgres. So here's hoping its something relatively easy I can repeat. Only other thing worth mentioning is I don't have a ton of tables. Theres like 7ish. So if theres a simple solution but requires me to do one table at a time then thats fine.

I'm using supabase for a web software using the Javascript Library, and I need to allow login only to users from an specific IP address. I know how to get the client IP inside an edge function, and consult to the database if the user is accessing from an allowed IP, but I have two problems: 1: How can I disable the default supabase login? and 2: if I log in inside an edge function, how can I send the session to the front?