I've looked but couldn't find any doc or example, I'm trying to create a RLS policy, which let only users who is authenticated AND auth.users.app_meta_data['some_field'] = TRUE, I believe I explained what im tryna achieve, basically I want to be able access column field and use it on policy logic. Thanks in advance for any help

Hello, I am trying to make an SQL query to my DB with a "where" filter but I don't find how to do this with tht python implementation of the library. Does anyone know how to do this? Thanks in advance

As soon I select my project from the supabase dashboard the browser hangs, I tried to clear the cache but it still does it, ideas?

strap in, this one is a doozy. I honestly have no idea how to title this issue that i am witnessing, but basically here's the scenario. I have a 3 tables

collections

collections_metadata

cards

`collections`: the main table in this scenario `collections_metadata`: has a read only policy with columns

id (foreign key -> collections.id)

,

created_at

and

updated_at

cards

: has columns

id(composite key), collection_id(composite/foreign key -> collections.id), booleanFlag(composite key)

The use case: 1) whenever any update in

collections

happens, trigger a function to update

collections_metadata

with the corresponding collection ID, 2) whenever a row in

cards

gets updated/deleted/inserted, trigger a function to update

collections_metadata

with the corresponding collection ID. basically, whenever any data where its foreign key is the collection ID, update the

updated_at

time signifying this collection has been updated I have 2 functions and 2 triggers in place for this to happen for both the

collections

updates and the

cards

update/delete/insert. The weird part is that ALL OF THIS WORKS. the triggers are happening, and the functions are updating the time in the appropriate

updated_at

column. here is whats NOT working, the ordering. Whenever i update a

collections

column, the ordering works. whenever i update/delete/insert a

cards

row/column. the ordering remains exactly the same, EVEN THOUGH I SEE THE TIME UPDATE IN THE TABLE. i also see the response data in the console and its all matching data. and heres how im calling the data with the client

sb
  .from('collections')
  .select('*, collections_metadata(updated_at)')
  .order('updated_at', { foreignTable: 
'collections_metadata', ascending: false })

help, im lost 😕

js

declare
    roomid bigint;
begin
    select messages.room_id into roomid from messages where messages.id = message_id;

    return exists(
      select 1 from room_members where room_members.room_id = roomid AND room_members.user_id = userid
    );
end;

Added this function that takes in userid and message_id to check wether a person is allowed to read (select) a message but get the error in title.

Hey, is anyone experiencing a latency on Supabase dashboard ? This message, cannot click anywhere, and computer fans boosting like hell

I didn't notice but I passed both the password and email to the email property of the signUp function in the JS client. Server returns a golang unmarshal error. curl 'https://ufvvgvpifynwaqnpfixv.supabase.co/auth/v1/signup' -X POST -H 'User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0' -H 'Accept: */*' -H 'Accept-Language: en-US,en;q=0.5' -H 'Accept-Encoding: gzip, deflate, br' -H 'Referer: http://localhost:5173/' -H 'Content-Type: application/json;charset=UTF-8' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InVmdnZndnBpZnlud2FxbnBmaXh2Iiwicm9sZSI6ImFub24iLCJpYXQiOjE2ODE3ODk4MTQsImV4cCI6MTk5NzM2NTgxNH0.rfE6J9F6HxT4iD-fRR3_ezy7blFy237CfSYAH82FdvY' -H 'apikey: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InVmdnZndnBpZnlud2FxbnBmaXh2Iiwicm9sZSI6ImFub24iLCJpYXQiOjE2ODE3ODk4MTQsImV4cCI6MTk5NzM2NTgxNH0.rfE6J9F6HxT4iD-fRR3_ezy7blFy237CfSYAH82FdvY' -H 'X-Client-Info: supabase-js/2.22.0' -H 'Origin: http://localhost:5173' -H 'Connection: keep-alive' -H 'Sec-Fetch-Dest: empty' -H 'Sec-Fetch-Mode: cors' -H 'Sec-Fetch-Site: cross-site' --data-raw '{"email":{"email":"re2@gmail.com","password":"aaaaaaa"},"data":{},"gotrue_meta_security":{},"code_challenge":null,"code_challenge_method":null}'

I want to sync user information when sing in by Google provider the auth is working fine but when I add this Trigger is not working , why ?

create table public.users (
  id uuid not null references auth.users on delete cascade,
  name text,
  email text,
  image text,
  plan text default('Basic'),
  credits integer default(3),

  primary key (id)
);

alter table public.users enable row level security;


-- inserts a row into public.users
create function public.handle_new_user()
returns trigger
language plpgsql
security definer set search_path = public
as $$
begin
  insert into public.users(id, name, email, image)
  values (new.id, new.name , new.email, new.image);
  return new;
end;
$$;

-- trigger the function every time a user is created
create trigger on_auth_user_created
  after insert on auth.users
  for each row execute procedure public.handle_new_user();

I am experimenting with the new server actions in NextJS (Not sure if this has anything to do with it) I have implemented my Supabase Provider:

const [supabase] = useState(() => createBrowserClient());

  return (
    <Context.Provider value={{ supabase, session }}>
      <>{children}</>
    </Context.Provider>
  );

I then have the listener which again has just been pulled from the code sample:

const { supabase } = useSupabase();
  const router = useRouter();

  useEffect(() => {
    const {
      data: { subscription },
    } = supabase.auth.onAuthStateChange((event, session) => {
      if (session?.access_token !== serverAccessToken) {
        // server and client are out of sync
        // reload the page to fetch fresh server data
        // https://beta.nextjs.org/docs/data-fetching/mutating
        router.refresh();
      }
    });

    return () => {
      subscription.unsubscribe();
    };
  }, [serverAccessToken, router, supabase]);

  return null;

I have my server action which calls the sign in function. This works and successfully brings me back a session object:

const supabase = createServerClient();

  const { data, error } = await supabase.auth.signInWithPassword({
    email: formData.get("email")?.toString()!,
    password: formData.get("password")?.toString()!,
  });

  if (error) {
    throw new Error(error.message);
  }

  return { success: true, data: data };

My issue is even though my SignIn actually works, when I try get pull the session either from the Server or Client they are both returning

null

. Anyone been experimenting, or see an issue with implementation?

Hi all, I can't see how to set up storage programmatically. Can someone point me in the right direction? eg - I have storage set up in one project (dev) and want to set it up in another (live). thanks

Does anyone know if a RLS template can be defined so I can quickly apply it to my tables? Thanks!

I am connected to my PostGres database using DataGrip. I'm trying to run the statement below to create a function.

sql
CREATE OR REPLACE FUNCTION get_players_and_elo_ratings(match_id UUID)
RETURNS TABLE (player_id UUID, elo_rating FLOAT4, team INT2) AS $$
BEGIN
  RETURN QUERY
  SELECT pm.player_id, pr.elo_rating, pm.team
  FROM player_matches pm
  INNER JOIN profiles pr ON pm.player_id = pr.user_id
  WHERE pm.match_id = match_id
  LIMIT 4;
END;
$$ LANGUAGE plpgsql;

I am able to successfully create the function, and I see it on my supabase interface -- but for some reason the data types of the returned tables are changed?

elo_rating

becomes

real

team

becomes

smallint

What gives? Additionally, how come I cannot create a function that returns a table with the Supabase web interface?

Hi all. I have a table called

connections

and the idea is to limit the number of connections for each user depending on the user's subscription type that is defined in a table

profiles

. Let's say a user with a BASIC subscription can create up to 3 connections and a PRO can create up to 5 connections. I'm trying to achieve this with a restrictive RLS policy on insert. My idea is putting a condition like this in the policy's check expression:

sql
case
when plan = 'BASIC' then count(connections.id) < 3
when plan = 'PRO' then count(connections.id) < 5
else false
end as isallowed

but no idea how to achieve that using selects so the SQL returns a valid boolean for the check expression. This is a select I'm trying to work with right now:

sql
select connections_1.id, profiles_1.plan,
case
when profiles_1.plan = 'BASIC' then count(connections_1.id) < 3
when profiles_1.plan = 'PRO' then count(connections_1.id) < 5
else false
end as isallowed
from connections connections_1
join profiles profiles_1
on connections_1.user_id = profiles_1.user_id
where (connections_1.user_id = 'xyz')
group by connections_1.id, profiles_1.plan

returning:

id | plan    | isallowed
--------------------------
1  | 'BASIC' | true
2  | 'BASIC' | true

Now I had the idea to run distinct on `isallowed`:

sql
select distinct isallowed from (
select connections_1.id, profiles_1.plan,
case
when profiles_1.plan = 'BASIC' then count(connections_1.id) < 3
when profiles_1.plan = 'PRO' then count(connections_1.id) < 5
else false
end as isallowed
from connections connections_1
join profiles profiles_1
on connections_1.user_id = profiles_1.user_id
where (connections_1.user_id = 'xyz')
group by connections_1.id, profiles_1.plan) as result

which returns:

result
---------
true

Is this a valid approach? How would you now compare

result

in the policy's check expression? Any help would be really appreciated, thank you!

So I'm giving SvelteKit Auth Helpers a try and I'm struggling to understand some things. I'm trying to figure out how to send the client session to the server and I can only find the opposite: https://supabase.com/docs/guides/auth/auth-helpers/sveltekit#send-session-to-client I was wondering is someone could explain to me how I could do this

I know, I know, I'm stupid. I've deleted the wrong project and of course I didn't do any backup myself. It was a quick hacked project that I did on a weekend and it was working so well that I just integrated it into production. It's not really mission critical, but it still hurts. Is there a way to recover the database?

In local development I am attempting to use Supabase Auth but I continue to get an error as shown in the screenshot. I do have a

.env.local

file with

NEXT_PUBLIC_SUPABASE_URL=http://localhost:3000

and

NEXT_PUBLIC_SUPABASE_ANON_KEY

set to the

anon key

given by

supabase status

. Because I was getting nowhere I cloned the Next.js Example Project at https://github.com/supabase/supabase/tree/master/examples/auth/nextjs and copied over my

.env.local

file. Running this project returns the same error. Below is my

package.json

. In your help please remember the error is the same whether in my new project or in the cloned example project. Thank you for your help.

json
{
  "name": "my-nextjs-supabase-auth-project",
  "version": "0.1.0",
  "private": true,
  "scripts": {
    "dev": "npx supabase gen types typescript --local > src/lib/types/supabase.ts && next dev",
    "build": "next build",
    "start": "next start",
    "lint": "next lint"
  },
  "dependencies": {
    "@supabase/auth-helpers-nextjs": "^0.6.1",
    "next": "13.4.3",
    "react": "18.2.0",
    "react-dom": "18.2.0"
  },
  "devDependencies": {
    "@types/node": "20.2.1",
    "@types/react": "18.2.6",
    "@types/react-dom": "18.2.4",
    "autoprefixer": "10.4.14",
    "encoding": "^0.1.13",
    "eslint": "8.41.0",
    "eslint-config-next": "13.4.3",
    "postcss": "8.4.23",
    "supabase": "^1.62.4",
    "tailwindcss": "3.3.2",
    "typescript": "5.0.4"
  }
}

The Supabase docs seem to only mention a url for cloud projects @ https://.supabase.co/rest/v1/ http://localhost:54321/rest/v1 yields

{"message":"no Route matched with those values"}

I would like to serve simultaneously these two commands pretty much

supabase functions serve foo --no-verify-jwt

and

supabase functions serve bar

But I cannot run two servings at the same time and I cannot find a way how to tell single local function not to use JWT Motivation - one of my functions is called from third party as a callback and I cannot pass in JWT for it.

Hi there, I'm trying to use the Auth component to only allow Google auth. However, in the UI beside the Google Auth button, the email and password fields appears. I already disable the Email provider from Supabase config. In the pictures you can see my code and the Supabase auth config.

I need a list of all possible errors from the SDK for the sake of translations, is there a place where all of them are being listed somewhere?

Is there already something when the user logs in that their profile/metadata gets updated? Or is this something I have to manage when a user logs in. Essentially I want an "Last active" column

We have a query to delete a user row from a table (not in

auth

), which can trigger rows in other tables to be deleted too. According to

explain analyze

, this should take about 10s, and yet postgREST returns an error saying we timed out. We're definitely using the

service_role

key, and the statement timeout for that role is set to 60s (pic 1). The postgREST timeout is also set to 60s (pic 2). The query that times out is in pic 3, and the error it shows in pic 4. The

explain analyze

result for a new user with no attachments in other tables is in pic 5. The schema is definitely

public

for the supabase client. The other non-delete queries are running just fine. Anything that I missed that could explain why this one times out, even if the query runs for 10s but we allow up to 60?

Would be great to have this for newbs like me.

Hello, Goal: Every time a user is added to my

users

table, I want to ping a stripe endpoint to create a customerID and save it to the user in the

users

table. Problem: - First I thought about creating a supabaseDB function to handle to listen for changes in the auth table, then ping stripe to get the customerId, and then add the user to the table. however it looks like I can only write psql or sql in the function so it'a a no go (I think). Do I need to create a backend to listen to realtime changes for this to work?

I'm confused about the steps required to migrate from supabase v1 to v2. I am looking at the Migration Guide, and it seems all I really need to do is checkout a branch in my app, and then start working through the changes starting from createClient, auth, and calls to the dB to ensure I am using the new format. Is that correct? Are there any gotchas? @garyaustin I did post this in the discussion forum and will update the answer there. I'm just trying to knock this out.

I have a public bucket, yet, I'm still getting this error: message : "new row violates row-level security policy for table \"objects\"" Any idea what to ddo?

I have a App directory app with a simple login and some forms to fill out. If the data from the forms is missing on the user's profile, it will redirect to the appropriate form. My current issue that, on submission of one of the forms, I want to redirect user to the following form, based on the value they provided in one of the fields. Current behavior: Form resets values while loading spinner shows up (isLoading state), URL quickly flashes the appropriate path it should go to, but instead stays on the same with the empty form. When I manually refresh I am then actually redirected to the right path. Desired behavior: Redirecting to the right path without manual interaction. I assume this has something to do with waiting for the data to enter my db table. Is there any way I can delay the redirect?

All my edge function just started timing out, no new deployments in weeks and I have hit any of the endpoints lately. I initially thought that some of services I use were timing out but doesn't seem to be the case. Upon checking for logs I don't see any activity for the function, just get a "CPU execution time exceeded" without any actual function activity. All taking over 20s to timeout.

I created a function and I am passing my anon key in the header but I am getting invalid jwt

I use the following library https://github.com/supabase-community/postgrest-rs to be able to use my Rust backend and my PostgreSQL Database hosted on Supabase. My database is called

Rust_learning

and it has one table

person

with some data in it. In my Rust backend I can connect to the database using :

rust
// db.rs
use postgrest::Postgrest;
use dotenv;

pub fn create_postgrest_client() -> Postgrest {
    println!("db.rs create_poostgrest_client");
    dotenv::dotenv().ok(); 

    let client = Postgrest::new("https://qwxmltxvwbbnrbjfnlap.supabase.co")
        .insert_header(
            "apikey", "my api key"
        );
    client
}

then I created a route based on the example I found on the Github :

rust
// person.rs
use axum::{http::StatusCode, Json};
use serde::{Deserialize, Serialize};
use serde_json;

#[derive(Debug, Deserialize, Serialize, Clone)]
pub struct Person {
    pub id: i32,
    pub name: String,
    pub age: i32,
}

impl Person {    
    pub async fn find_all_handler() -> Result<Json<String>, StatusCode> {
        let client = crate::db::create_postgrest_client();
        let resp = client
            .from("person")
            .select("*")
            .execute()
            .await
            .map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
    
        let body = resp
            .text()
            .await
            .map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
    
        Ok(Json(body))
    }
}

Which I then defined in `routes.rs`:

rust
// routes.rs
use axum::{http::StatusCode, Json, response::IntoResponse};
use std::vec::*;
use crate::models::Person;

pub async fn debug() -> Result<Json<String>, StatusCode> {
    println!("routes.rs debug");
    match Person::find_all_handler().await {
        Ok(person) => Ok(person),
        Err(_) => Err(StatusCode::INTERNAL_SERVER_ERROR),
    }
}

and finally use in `main.rs`:

rust
// main.rs
use axum::{routing::get, Router};
use std::net::SocketAddr;
use tower_http::cors::{Any, CorsLayer};

mod routes;
mod db;
mod schema;
mod models;
use routes::{root, hello_world, find_all_person, debug};


#[tokio::main]
async fn main() {
    let cors = CorsLayer::new().allow_origin(Any);

    let app = Router::new()
        .route("/debug", get(debug))
        .layer(cors);

    let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
    println!("listening on {}", addr);

    axum::Server::bind(&addr)
        .serve(app.into_make_service())
        .await
        .unwrap();
}

However I keep getting

"{\"message\":\"no Route matched with those values\"}"

. Fyi

resp

contains :

Response { url: Url { scheme: "https", cannot_be_a_base: false, username: "", password: None, host: Some(Domain("qwxmltxvwbbnrbjfnlap.supabase.co")), port: None, path: "/person", query: Some("select=*"), fragment: None }, status: 404, headers: {"date": "Mon, 22 May 2023 18:11:41 GMT", "content-type": "application/json; charset=utf-8", "content-length": "48", "connection": "keep-alive", "cf-ray": "7cb705ea78fb24c6-ZRH", "strict-transport-security": "max-age=2592000; includeSubDomains", "cf-cache-status": "DYNAMIC", "sb-gateway-version": "1", "x-kong-response-latency": "0", "server": "cloudflare", "alt-svc": 
"h3=\":443\"; ma=86400, h3-29=\":443\"; ma=86400"} }

What am I doing wrong ? I also asked for help in the official Rust Discord server but they redirected me here since nobody used this Github library