In order to keep a user signed in forever (until they sign out), I'm doing the following: - On every sign in, I'm getting the session's refreshToken and storing it in userDefaults. - Whenever the app is reopened, I call auth.refreshSession, passing in the refreshToken I have stored. My approach works until the app is open for longer than my JWT expiry time, I think. Then, it seems like there's a bit of time where the session can't get refreshed (about a minute), and then it gets refreshed on its own. My issue now is that since it got refreshed on its own, the refreshToken I have stored is invalid. To get the latest one, I tried fetching the current session with auth.session and taking its refreshToken, but it doesn't work. Should I, instead, just set a recurring timer that is a bit less than the JWT expiry time, and simply let it refresh the session? Or am I overcomplicating things? Do I even need to do anything myself to refresh sessions and keep users signed in, even though it seems like the framework kinda does that already for me (with about a minute off)? Thanks in advance!

My after update trigger needs to change one of my buckets folder names to ensure my folder names are kept in sync with their respective rows (Each product has product images which i store under '/'

Context: - I just pushed my schema to supabase's hosted setup and did a bunch of oauth configuration - Added redirect urls for oauth - User has signed in with github - User can make rest queries perfectly fine - However, making a query against

/graphql/v1

using the same

Authorization: Bearer x

token returns the error in title. Here is what the request looks like in fetch form:

fetch("https://xxx.supabase.co/graphql/v1", {
    "body": "{\"query\":\"\\nquery GetChatMessages($chat_id: BigIntFilter!) {xxx}\",\"variables\":{\"$chat_id\":1},\"operationName\":\"GetChatMessages\"}",
    "cache": "default",
    "credentials": "include",
    "headers": {
        "Accept": "*/*",
        "Accept-Language": "en-US,en;q=0.9",
        "Authorization": "Bearer xxx_token_xxx",
        "Content-Type": "application/json",
        "Priority": "u=3, i",
        "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15"
    },
    "method": "POST",
    "mode": "cors",
    "redirect": "follow",
    "referrer": "xxx",
    "referrerPolicy": "strict-origin-when-cross-origin"
})

Should the Bearer token be different from the token being used to request

/rest/v1

? Or is there some special config I need to toggle on Supabase's backend to enable graphql? (don't remember doing this locally). Thanks much

im using nuxt3 so ive created this plugin

js
import { createClient } from '@supabase/supabase-js'

const plugin = (context) => {
  const config = useRuntimeConfig()

  const supabase = createClient(
    config.public.supabaseUrl,
    config.public.supabaseKey,
    {
      autoRefreshToken: true,
      persistSession: true,
      detectSessionInUrl: false,
    }
  )

  context.$supabase = supabase
}

export default defineNuxtPlugin(plugin)

inside my login page i have this method to log in

js
const signInWithTwitch = async () => {
  const { error, data } = await $supabase.auth.signInWithOAuth({
    provider: 'twitch',
    options: {
      redirectTo: `${config.public.baseUrl}/dashboard`,
      scopes: 'moderator:manage:chat_messages moderation:read channel:moderate chat:edit chat:read whispers:read user:edit:broadcast user:read:follows channel:edit:commercial channel:manage:broadcast user:read:broadcast user:read:email channel:manage:moderators'
    }
  })
}

but its not redirecting user to my page

I have followed @thorwebdev tutorials to the T. @silentworks I will DM you the file path its looking at

Does anyone know any of the default values for the fields here (e.g.

max_concurrent_users

) on the pro plan? https://github.com/supabase/realtime/blob/main/lib/realtime/api/tenant.ex#L19 The website documentation (https://supabase.com/docs/guides/realtime/rate-limits) only says this: > Enterprise plan limits start at: > 500 concurrent clients > 1,000 messages per second > 500 concurrent Channels which is not very clear and it's also not clear what this might imply about the pro plan.

I create a new user after they register

ts
const { data: addUserData, error: addUserError } = await supabase.from("users").insert({ email, forename })

They confirm their email, and then once I try to access user information using the code below, it returns the data as an empty array

ts
    private async getUserDetails() {
        let { data, error } = await supabase.from("users").select("*").eq("email", this._email).single();
        if (error) throw error
        return data;
    }

On the supabase website, the GUI shows the new information just fine. And once I restart my sveltekit server and try again, it can access the table just fine Any reason why this is happening? And how I can get it to retrieve data from tables without restarting the server?

I've the following:

<Auth
                supabaseClient={supabase}
                view={VIEWS.UPDATE_PASSWORD}
                redirectTo="http://localhost:3000/"
                showLinks={false}
                providers={[]}
                appearance={{ theme: ThemeSupa }}
              />

After updating the password Auth UI presents the sign in view which is an expected behaviour when looking at the code repo: https://github.com/supabase/auth-ui/blob/a2aa401394506df196446691fd346eaebfe476ba/packages/react/src/components/Auth/Auth.tsx#L102 But then, after signing in, the

redirectTo

does not get triggered. Anyone knows why?

I am making a Discord Bot that is using a Web Application to modify settings and save senstive API tokens for external services. I currently am using a postgres database on AWS. I plan to also use a AWS VPS and CDN. Thing is I only make it possible for customers to login via Discord. So I need to use some sort of authentication for my site that would work with Discord. I could make one custom but I would rather not spend the time as I need to get my project out before the weekend ends. I will essentially I am using Fast-API. I would like to know if supabase would be for me and my project. If you need more details please let me know what you need.

Hello folks, is there a way to use cloudflate r2 (s3 compatible) storage with supabase cloud. On self hosted setup these options are available https://supabase.com/docs/reference/storage/config how about on https://app.supabase.com/ is there a way to set ENV variables.

Hi, Since about an hour ago, I can no longer run

supabase link

, I get the following error message:

Error: Authorization failed for the access token and project ref pair: {"message":"Forbidden resource"}

I have generated a new access token, I have tried it both locally and on github actions, on two separate projects (staging and production) - nothing works. Last time I successfully ran

supabase link

on both projects was 12 hours ago for a deployment. Any idea where that could be from? Thanks!

Have you tried contacting support ? Remember this discord is fellow users of supabase. Some may know about this, however actually emailing supabase support for this seems like the play, let me know what they say.

I'm trying to use the buckets in a self-stored environment, the issue is that once I try to reach the buckets page, or try to load a file through the studio, I get the error 404 in /config/storage docker-compose: - supabase/studio:20230502-d8c0723 - supabase/gotrue:v2.60.7 - supabase/storage-api:v0.28.2 - supabase/postgres-meta:v0.60.7 - supabase/postgres:15.1.0.54-rc0

All the tables I create via diesel in have RLS disabled by default, how can I prevent this?

Hi, I'm trying to dynamically build a query to filter on some columns using the Python SDK. I use the

pgvector

extension which is used within a function:

sql
-- We are creating a function to run a similarity search on the documents table
create or replace function match_documents (
  query_embedding vector(1536),
  similarity_threshold float,
  match_count int,
  query_dataset_ids text[],
  query_user_id text default null
)
returns table (
  id text,
  data text,
  score float,
  hash text,
  embedding vector(1536),
  metadata json
)
language plpgsql
as $$
begin
  return query
  select
    documents.id,
    documents.data,
    (1 - (documents.embedding <=> query_embedding)) as similarity,
    documents.hash,
    documents.embedding,
    documents.metadata
  from documents
  where 1 - (documents.embedding <=> query_embedding) > similarity_threshold
    and documents.dataset_id = any(query_dataset_ids)
    and (query_user_id is null or query_user_id = documents.user_id)
  order by documents.embedding <=> query_embedding
  limit match_count;
end;
$$;

I want my end users to be able to filter by metadata Filtering metadata would supports the following operators:

$eq - equal to (string, int, float)
$ne - not equal to (string, int, float)
$gt - greater than (int, float)
$gte - greater than or equal to (int, float)
$lt - less than (int, float)
$lte - less than or equal to (int, float)
Using the $eq operator is equivalent to using the where filter.

{
    "metadata_field": "search_string"
}

# is equivalent to

{
    "metadata_field": {
        "$eq": "search_string"
    }
}

Do you have any idea how I could change my query to achieve this? Or can I run SQL directly using the sdk?

I have a RPC call that failed and I would like to see what exception was raised (because my plpsql function raises exceptions when anything goes wrong. However I can only find a 400 code but not the actual exception that was risen.

I'm trying to pass in a json object into a rpc call but it keeps finding null values:

sql
CREATE OR REPLACE FUNCTION create_order(checkout_session jsonb)
RETURNS void
LANGUAGE plpgsql
AS $$
DECLARE
  order_id uuid;
  cart_item json;
BEGIN
  SELECT uuid_generate_v4() INTO order_id;

  INSERT INTO orders (id, postal_code, address, city, status, customer_email)
  VALUES (
    order_id,
    checkout_session->'shipping_details'->'address'->>'postal_code',
    checkout_session->'shipping_details'->'address'->>'line1',
    checkout_session->'shipping_details'->'address'->>'city',
    'ORDERED',
    checkout_session->>'customer_email'
  );

  FOREACH cart_item IN ARRAY (checkout_session->'metadata'->'cartItemsSimplified')
  LOOP
    DECLARE
      product_id uuid := cart_item->>'product_id';
      quantity int := (cart_item->>'quantity')::int;
      product_row products%ROWTYPE;
    BEGIN
      SELECT * INTO product_row FROM products WHERE id = product_id LIMIT 1;

      IF FOUND THEN
        UPDATE products SET stock = product_row.stock - quantity WHERE id = product_id;

        INSERT INTO order_products (order_id, product_id, quantity)
        VALUES (order_id, product_id, quantity);
      ELSE
        RAISE EXCEPTION 'Product not found: %', product_id;
      END IF;
    END;
  END LOOP;
END;
$$;

how im calling the function:

js
            const { data, error } = await supabase_service_role.rpc('create_order', { checkout_session: JSON.stringify(checkoutSession) });

I get the error:

txt
{
  code: '23502',
  details: 'Failing row contains (2dd0ec8e-9351-4090-810c-054ec8fae6f6, ORDERED, null, null, null, null, 2023-05-03 12:35:07.852398+00).',
  hint: null,
  message: 'null value in column "city" of relation "orders" violates not-null constraint'
}

I've just created a project recently, and noticed that I'm getting Database API, Storage and Realtime requests? Haven't used at all. Please help, what's might be going on?

Hi, I'm new to Supabase (comming from Firebase). I don't understand how you manage the equivalent of Firebase hosting service. Where are the HTML / JS / CSS ... files stored ?

Hello, I recently upgraded to supabase v2. I have a postgres function, that I only want to invoke on the server. Thus the function does not define security definer, because it grabs users emails I don't want to expose on the client Create the admin client (note, this is a svelte-kit project, hence the

env

). These keys are provided locally in

.env

and on vercel. I have been using these keys like this for almost a year, I don't think the keys are missing or something like that.

javascript
const supabaseAdmin = createClient(
  PUBLIC_SUPABASE_URL,
  env['SUPABASE_SERVICE_ROLE'] ?? '',
)

// ...

// In my POST
const emails = await supabaseAdmin.rpc('get_user_emails', { input_id: notebook_id });

The response when calling my rpc function (which selects from

auth.users

)

javascript
{
  error: {
    code: '42501',
    details: null,
    hint: null,
    message: 'permission denied for table users'
  },
  data: null,
  count: null,
  status: 403,
  statusText: 'Forbidden'
}

has anyone here had success deploying a NEXT app to cloudflare pages? apparently they only support edge runtime. I was wondering if that would be viable for a SaaS where i would imagine the api routes, middleware and pages (at least some of them) would need auth/checking of auth on every request The app would also need access to supabase's DB and auth, including caching some of the DB calls to SB (i imagine this would be through redis)

Hi, none of the methods on

supabase.storage

is working.

i try use

psql -h host -p 5432 -d postgres -U postgres

and it says this

psql: error: connection to server at "host" (thing), port 5432 failed: Connection refused
        Is the server running on that host and accepting TCP/IP connections?

So i did a

supabase db diff > migrations/schema_test.sql

and tried

supabase db push

i get

Skipping migration schema_test.sql... (file name must match pattern "<timestamp>_name.sql")

how do i generate migration with a timestamp? or am i doing this wrong?

Has anyone developed anything for mobile using the C# sdk ?

I am running a local hosted supabase server but I cant seem to add providers because the do not show up sadly. I have tried most things but it doesn't work so I am probably doing something wrong... (Using docker) The oauth url says too its disabled...

I want to be able to do

await supabase.auth.getUser(???)

after the user clicks on the confirm email link. Unless there is a better way to do this?

Almost all edge function examples have authenticated users.

// Create a Supabase client with the Auth context of the logged in user.
    const supabaseClient = createClient(
      // Supabase API URL - env var exported by default.
      Deno.env.get('SUPABASE_URL') ?? '',
      // Supabase API ANON KEY - env var exported by default.
      Deno.env.get('SUPABASE_ANON_KEY') ?? '',
      // Create client with Auth context of the user that called the function.
      // This way your row-level-security (RLS) policies are applied.
      { global: { headers: { Authorization: req.headers.get('Authorization')! } } }
    )

what if there are certain tables, for example "contact_us" table, that don't need an authenticated user? how would i make that function?

Is it possible to fetch files by just their object_id? e.g. something along the lines of """ const { data:shared_files_bucket, error: shared_file_bucket } = await supabaseClient .storage .from('files') .list(['0b9d5fba-4074-4ec9-9074-97285677c421')']) Currently this is not working for me & this is what was suggested by the AI in Supabase & I haven't seen anything in the docs to fetch by an array of object_ids . """

Is this a bandwidth issue and should i upgrade? did this make a difference for others? thanks