I use magic link sign in with Supabase, so no sign up needed. I want to send a transactional email when new users are created but I'm not sure the best way to approach it. I can make an API endpoint that does it but I'll need to call it somewhere. I have a stored procedure that runs when a user is added to the

auth.users

. So maybe I could call my api from there? Since supabase sends a confirmation email instead of a sign in email on a user creation (even when using

signIn()

), could I do something with that?

I get the following error: - Node v16 locally using supabase-js v2 - Node v18 Gatsby Cloud using supabase-js v2 I do not get the following error: - Noce v18 locally using supabase-js v2 - Node v16 locally using supabase-js v1 - Node v18 Gatsby Cloud using supabase-js v1 The error:

(node:9) UnhandledPromiseRejectionWarning: TypeError: Right-hand side of 'instanceof' is not an object at /tmp/55fe830c-c9b9-5321-be71-95aa92bd9b63/index.js:18036:17 at Generator.next () at fulfilled (/tmp/55fe830c-c9b9-5321-be71-95aa92bd9b63/index.js:18025:58) at runMicrotasks () at processTicksAndRejections (internal/process/task_queues.js:95:5)

16:16:13 PM:
(node:9) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 28)

I'm trying to put together a RLS policy to only allow users enrolled in a course to view the discussions. There are two tables for the discussions, one with top-level threads and one with the replies. Writing a policy for the reply table, I want to make sure only users who are enrolled in the course can select the replies, however there is no

course_id

column in this table. There is however a

thread_id

which further references

course_id

. How can I make something like the following policy work?

sql
(is_admin(uid()) OR has_course(thread_id.course_id, uid()))

In some instances, when I share my supabase DB connection info with an associate, and they attempt to make a direct connection to the DB, the request unexpectedly times out. I am able to connect myself with no issue. These associates are attempting to connect via the PSQL client with the exact same command that I'm using to connect. What's particularly strange is that this is only an issue occasionally, and they are sometimes able to connect. Is there a possibility that the firewall on the network running my supabase instance is somehow getting manipulated to only allow inbound connections from my IP? Or, are there any suggestions for why this issue might be happening?

I have a custom schema

a

which is exposed. It has a table called

a

(

a.a

) which has rls enabled using

alter table a.a enable row level security;

and allowing select operations using

CREATE POLICY "view a"
ON a.a
FOR SELECT USING (
  true
);

. Upon using

ilike

with supabase-js, I get

permission denied for table a

. Am I missing something here?

We just updated the CLI from 0.26.0 and are not able to have megic links sent anymore. Is this a known issue? We have made sure that the

config.toml

file at least contains the entries of a newly generated file.

Can you make a composite primary key, do you just enable two primary keys and it's done?

I'm getting this error for any query to the database. I'm using prisma on the application side, and there are a few zaps running as well. The app isn't even live so I don't know how this makes any sense honestly.

I have 3 tables.

battle

,

teams

and

user

. They are linked to each other in this order, but

battle

does not have a direct relation with

user

. I want to query every

user

that has at least one battle that is public. For this I have

battle.public IS TRUE

. How do I join

user

and

battle

with supabase-js? Here is a code example of my (failed) attempt:

js
const { data: users } = await this.$supabase
        .from('user')
        .select('id, name, team:inner(battle:inner(*))')
        .eq('battle.public', 'true')

Does anyone know?

Hi! When writing policies I often find myself calling certain helper functions to get more detailed information about a user and their privileges. Is there some way I can optimize this so that the SELECT query in the function is only called once and the same row is returned for that user throughout the transaction/query? Would a STABLE function or something similar work? Thanks!

trying to convert nextjs app to version 2. How is setAuthCookie done now? auth.api seems to no longer be a thing. Code is basically the same as this older example. https://github.com/supabase/supabase/blob/master/examples/auth/nextjs-auth/pages/api/auth.js

Steps I have done so far: - I have cloned the repo - Run

docker-compose -f docker-compose.dev.yml

- Run the

node-js

example - Add some inserts in to

users

table that created and I don't see any real time updates being pushed. I tried to drop publication and recreate it. I don't have any luck so far.

I'm trying to replicate a function on firestore where on an insert on a table would send a notification to our company's discord server. All I can see is the ability of hosting just the function and it consuming the database, is there a way to have it as I intend it to?

For example clicking on a confirm email link takes me to localhost, obviously that won't work. But is there is a general page that Supabase generates or do we have to create our own website for this? Similar to Firebase's default confirm or password reset links. Thanks.

When uploading my server to heroku, supabase seems to crash the application with the error:

2022-08-23T05:30:11.864679+00:00 app[web.1]: /app/node_modules/@supabase/supabase-js/dist/main/SupabaseClient.js:51
2022-08-23T05:30:11.864681+00:00 app[web.1]: throw new Error('supabaseUrl is required.');
2022-08-23T05:30:11.864682+00:00 app[web.1]: ^
2022-08-23T05:30:11.864682+00:00 app[web.1]:
2022-08-23T05:30:11.864682+00:00 app[web.1]: Error: supabaseUrl is required.

On my local machine, everything works fine. I'm using

const { createClient } = require('@supabase/supabase-js')
const supabase = createClient(process.env.SUPABASE_URL, process.env.SUPABASE_SERVICE_KEY)

in my server to perform db queries as described in the documentation. The env variables seem to be configured correctly in my .env otherwise it wouldn't work locally. What could be the problem here?

Hi, I'm trying to query from a jsonb column. I had this working at the query editor but I can't seem to convert it to the javascript equivalent.

select first_name, last_name, schedule as "Thursday" from "Employees"  where schedule#>'{4}' is not null

Sample Record: First_Name | Last_Name | Schedule John | Doe | {"4":[8,9]} I've tried:

supabaseClient.from('Employees')         .select('first_name,last_name,schedule')
            .not('schedule#>{4}', 'is', null)

supabaseClient.from('Employees')    .select('first_name,last_name,schedule')
            .not('schedule->>4', 'is', null)

but it's either: returning nothing or returning more than expected. Am I missing anything?

I have the following tables (simplified)

posts (id, title)
post_tag (post_id, tag_id)
tags(id, title)

And I'd like to get all posts that have n tags. An or filter works fine, but I'm looking for an

AND

My query looks like

supabase
  .from<Post>("posts")
  .select(*, filterTags:tags!inner(id), tags(*))

How do I do this in js sdk .order function:

sql
order by (SP.target_impressions-SP.served_impressions) desc, updated_at desc

Hi All, I've been trying to understand the security part of Supabase Auth (without Row Level Security). So, as we all know for Single Page Application, we need to expose Supabase URL and Supabase Key to client. Those credentials are publicly available to anyone that know how to view client side JS files. Supabase Guide [here](https://supabase.com/docs/guides/with-react) mentioned that's completely fine since we have Row Level Security enabled on our Database. However, I use Supabase Postgres with Prisma. I do not have RLS enable. From my understanding, without Row Level Security, anyone could use those exposed credentials to re-create Supabase client and make a call to our table directly. Could anyone correct me if I'm wrong. Questions: Is there a way to create a separated key for database (postgres) and authentication service? If so, when we expose the keys to browser. We don't have to worry that someone could connect to our database. Cheers

I have a table with hosts, and there are several colums there about amount of different sooms. Living rooms, kitchens etc. Now I also need a count of total rooms to this host object. What is the best practice of doing this? Can I have a column, that takes an int as the sum of other columns? Or how does that work? thanks!

We have been having some trouble with authentication for a long time, we used the authentication client side, and now server side. For a long time our main problem was that it logs out for no reason in particular, in the console says that the

refresh token

is invalid, but how?

Until now the auth has been working very well, but a recent refactor seems to have broken everything and I can't figure out why. We are using magic links to sign in users, but after clicking the magic link the user is not signed in. There is no event pushed to auth.onAuthStateChange, auth.user() remains null and policies that require authenticated users fail. Observing the requests after clicking the magic link reveals that http-only cookies for authentication are set, when following the verify-link. I've made sure that the redirect is for the correct domain, so that shouldn't be an issue. My question is, as the title states, when the user is considered to have logged in? I assumed it would be when the url of the magic link is navigated to, but given that supabase does not recognize the 'SIGNED_IN' event that doesn't seem to be right. Also, is there a way to check a user's auth state in the dashboard? That might help us debug a little.

I'm having to rewrite my Sveltekit app to accommodate the new SvelteKit changes and trying to make my app more SSRed. I've had to jump through some painful hoops to get the cookies ('sb-access-token' and 'sb-refresh-token') set and unset for the auth changes in my MagicLink auth .... and this still requires me using frontend code to handle the response and then trigger POSTs and stuff to get the cookies saved. Wondering ... why does Supabase auth not just set the cookies on the response in the 'Set-Cookie' header? Would save me a tonne of headache and means I wouldn't have to use

onAuthStateChange

and handle all the cases ... and would also mean it doesn't get triggered everytime I move away from the tab and back again (which annoyingly forces a refreshed signin)

Hi, I hope I'm right here! I am having problems with my signup. Here's my code:

import { createClient } from '@supabase/supabase-js'
import AsyncStorage from '@react-native-async-storage/async-storage'

import { API_ANON_KEY, API_BASE_URL, REST_API_PATH } from '../constants/Api'

const supabaseUrl = `${API_BASE_URL}${REST_API_PATH}`
const supabaseKey = API_ANON_KEY
const supabase = createClient(supabaseUrl, supabaseKey, {
  localStorage: AsyncStorage,
})

let { user, error } = await supabase.auth.signUp({
    email: 'someone@email.com',
    password: 'CFWSEubppfanYfvhXYSo'
  })

What I get in response is a 404 with an empty object. This I can also see in the API logs. Has anyone here an idea what I am doing wrong? Would be very much appreciated! 🙏 Thank you in advance!

Hey guys, just a quick question - I'm currently prototyping some backend and evaluating supabase for this purpose. I don't want to use ssr cause the frontend "app" will only be visible to customers for managing their data. So I think about just using plain react in frontend - but what should I use for auth purpose? Should I implement it myself or should I use supabase/ui (https://ui.supabase.io/components/auth) or use the auth-helpers package for this? Especially when I need some functionality like reset password etc. when using plain react & react-router it seems to be tricky? Any recommendations for that? Thanks!

Hi, I want to change the location marked in the image below in the storage section, how do I do it?

I have a function that returns a table so that I can do some aggregations and filtering that are not possible with the supabase client. Ideally I would want to join on this so I can get related data, their is a relationship between the source table and the join table but because of the indirection from the function it seems like PostgREST just can't handle it. Here is my function:

sql
CREATE OR REPLACE FUNCTION aggregated_track_analytics(_activity_type text, _user_id uuid)
RETURNS SETOF (track_id text, user_id uuid, activity_type text, play_count int, last_played_date timestamp, distance numeric, ascent numeric, descent numeric)
AS $$
  SELECT
    t.track_id,
    CASE WHEN _user_id IS NULL THEN NULL ELSE t.user_id END AS user_id,
    CASE WHEN _activity_type IS NULL THEN NULL ELSE a."type" END as activity_type,
    COUNT(t.id) as play_count,
    MAX(t.last_played_date) as last_played_date,
    SUM(t.distance) as distance,
    SUM(t.ascent) as ascent,
    SUM(t.descent) as descent
  FROM track_analytics t
  INNER JOIN activities a on a.id = t.activity_id
  WHERE t.distance > 0
    AND (_user_id IS NULL OR t.user_id = _user_id)
    AND (_activity_type IS NULL OR a."type" = _activity_type)
  GROUP BY activity_type, t.user_id, track_id;
$$ LANGUAGE sql;

t.track_id has a relationship to the tracks table that I want to join to but I am guessing because the function returns TABLE instead of SETOF track_analytics that the join errors from the supabase client. Is there any way to make it so this works?

ts
this._client.rpc<DBAggregatedTrackAnalytics>(
      DB_FUNCTIONS.aggregated_track_analytics,
      {
        _user_id: filters.userId ?? null,
        _activity_type: filters.activityType ?? null,
      }
    ).select(`
        *,
        track:tracks!inner(
          id,
          name,
          duration
        )
      `)

The most recent Realtime blog post says to use the newest release of supabase-js, but it is unclear how to do that. 1. Is it as simple as running something like

yarn add @supabase/supabase-js@next

? 2. How do I know if I am on the correct release (there is no version number in the package.json??) 3. Will the reference docs be updated to include Broadcast information? (https://supabase.com/docs/reference/javascript/next/subscribe)

Hey, guys, I'm trying to create a M-N relation with both foreign keys marked as primary. In this case, I wanted to mark the resulting composite key as unique, is that possible in Supabase? I know I can individually mark them as unique, but I believe that won't be equivalent to what I'm looking for

How do I use onConflict with Supabase Upsert when using the RESTful API?