Hi, I am using supabase in my company and I would like to know if there is any way to authenticate one application (not user) using an admin key or something like that. Thank you.

I am trying to push a migration to the main server but im getting the permission denied error. I could fix this issue when altering tables using

ALTER TABLE users OWNER TO postgres;

but i cannot work out how to fix this to create views. This is the error output from the terminal

Error: ERROR: permission denied for schema public (SQLSTATE 42501)
At statement 0: create view "public"."users_without_checklist_today" as  SELECT user_profiles.user_id,
    user_profiles.user_simple_id,
    user_profiles.fname,
    user_profiles.lname
   FROM user_profiles
  WHERE ((user_profiles.isadmin = false) AND (NOT (EXISTS ( SELECT 1
           FROM checklist
          WHERE ((user_profiles.user_id = checklist.user_id) AND (checklist.created_at = CURRENT_DATE))))))

Hi Guys, currently getting this error when trying to get the users session on an api route. any ideas? code

const createCheckoutSession = async (req, res) => {
  const supabase = createServerSupabaseClient({ req, res })
  // Check if we have a session
  const { data: { session } } = await supabase.auth.getSession()

  if (!session) {
    res.status(401).redirect('/signin')
  }
}

Error

error - TypeError: resolver is not a function
    at Object.apiResolver (/Users/redacted/Code/personal/redacted/node_modules/next/dist/server/api-utils/node.js:367:15)

I am not able to figure out how to pass an error message thrown in an Edge function and access that error in the JS client using client.functions.invoke. The error is indeed thrown in the Edge function, but just not quite sure how to control what error is returned in the client. Here is what I currently have.

function runFunctionThatThrowsError() {
  throw new Error("Hey!")
}
export async function handler(req: Request) {
  try {
    const requestData: CreateCheckoutRequestData = await req.json();

    runFunctionThatThrowsError();

    return new Response(
      JSON.stringify({}),
      {
        headers: { ...corsHeaders, "Content-Type": "application/json" },
        status: 200,
      }
    );
  } catch (e) {
    console.log("got error in catch", e);
    return new Response(JSON.stringify(e), {
      headers: { ...corsHeaders, "Content-Type": "application/json" },
      status: 500,
    });
  }
}

When that function runs, it'll print "Hey" to the console. When I try to invoke the function in the client with

const { error: checkoutQueryError } =
      await client.functions.invoke<CreateCheckoutResponse>("validate-checkout");

error prints

[FunctionsHttpError: Edge Function returned a non-2xx status code]

How do I get "Hey", or the error message thrown in the function into the client? Any help is appreciated.

Hi i want to try supabase for the first time but i see someon use the server/api stuff to make calls or insert data which are bound to a user or updating own profile is which stuff should i put on the server and which on client When i fetch simple stuff i can go with pure. client but when i fetch stuff which is related to auth should i put this on the server/api/updateProfile or something? just an example thanks

I'm working on a project involving internal documentation in a multi-tenant style application. I'd like users to be able to add images, powered by Supabase Storage. However, I'm stuck on best practices and a somewhat limited API here around generating URLs. Because of the nature of multi-tenancy, I'd assume a private bucket is the way to go here - and then further signed URLs most likely would work - but consider this use case. A user creates a new document, uploads an image - generates a signed URL - and inserts it into the document. There must be an expiry for these, so at some point that URL will not work. Ok, so we could also generate these URLs on-demand - but this could result in a huge amount of reqs to the Storage API - which might be OK, but I assume there is some cost to doing so (something similar to S3s request limits)? Also, going down this route would mean that a new token would be created every time a user wanted to view an image, which doesn't seem efficient on either of our ends. Something else I had considered would be to just have a really long expiry time on the images, which would work - but is also less secure and effectively the same as making a bucket public with hard-to-guess object keys. What would be useful, is if a user could just request an image from a pre-defined URL, appending their current access/session token to the URL - perhaps having that validation happening in the storage API against RLS policies. That way you'd have a consistent private URL - that is secured at the same level the users auth tokens are. Are there good best practices for doing something like this?

I seem to be unable to properly select through a join table. I have a clients table with a client id I have a relations table with fk client id and fk user id I have a users table with fk user id My select starts at my clients table, how would I select from the users table everything that has a fk with my clients tables client id through the relations table?

Hi It looks like i have an issue with storage. Here is my list of policies for the storage:

I'm using the magic link setup through supabase. I'm wondering if there's a way to have it redirect to the deployed site AS WELL AS local host. I tried just putting local host in the url, but that didn't work. Still just redirects me to deployed.

For free plan I see that a project can have 200 concurrent Realtime connections , What does exactly that presents ? a maximum of 200 channels ? or maximum of 200 users per each channel created ?

Hello! I’m trying to create an app to create and organize events. I’d like to be able to create a ‘sharing’ link which allows people to view the event. View only with link. Is there anyway to achieve this through supabase? Magic links seem to require emails, would prefer to allow auth without an email, provided the url token is correct…

This error happens when loading the login page. The login UI flashes unstyled, then renders successfully, and throws hydration errors. My browser console shows the following errors: * Warning: Invalid DOM property

stop-color

. Did you mean

stopColor

? * Warning: Invalid DOM property

stop-opacity

. Did you mean

stopOpacity

? 'use client'; // Imports // ======================================================== import { useEffect} from "react"; import { createClient } from "@supabase/supabase-js"; // for supabase's function import { ThemeSupa, Auth } from "@supabase/auth-ui-react"; // for Auth UI import { useRouter } from "next/navigation"; // Page // ======================================================== const supabase = createClient( HIDDEN ); const AuthUI = () => { const router = useRouter(); useEffect(() => { const checkSession = async () => { const { data } = await supabase.auth.getSession(); if (data.session) { router.push("/"); } }; checkSession(); }); supabase.auth.onAuthStateChange((event) => { if (event == "SIGNED_IN") { router.push("/dashboard"); } }); return ( <Auth supabaseClient={supabase} appearance={{ theme: ThemeSupa }} providers={['azure']} theme="dark" view="sign_in" /> ) }; export default AuthUI;

Hello, is it possible to run a function that fetches some data and update the DB, once every hour? I think it's called a cron job.

advice needed. !!!SupaBase PostgreSQL operator usage in python!!! I am using supabase and Python. The query in python: user = supabase.table('user').select('').filter('email','~*',"something@domain.com").execute() The problem comes with filter() method... it suppose to take three parameters, all of them are strings, ('table','operator','criteria') when executed I recieve: postgrest.exceptions.APIError: {'code': 'PGRST104', 'details': 'Failed to parse [("email","~*.something@domain.com")]', 'hint': None, 'message': 'Unexpected param or filter missing operator'} https://postgrest.org/en/stable/api.html#operators any thought?

I'm planning to implement a shared auth state between the website and a chrome extension, has anyone tried or know how to possibly implement a share state between the two?

Hi all, I run a function when a user is signing up and this trigger is set to do it's thing BEFORE an insert on auth.users. What it does is it generates a tenant_uuid and inserts this uuid in the users metadata. This all works very nicely, however, I discovered that in development I have email verification disabled and I get to login immediately after signing up. The token that is then returned does not include my tenant_uuid. What can I do to make sure it sits in there immediately?

Hello, i'm following this tutorial https://supabase.com/docs/guides/getting-started/tutorials/with-nextjs#set-up-a-login-component and in my next js 13 application, when i try to sign up i gett error, is there anything else i should do?

Hey Out of curiosity is it possible to get relational data without there being an FK mapping. So if I have something called adress_id in the user table, could i query the adress table with that ID in the same query like you could if it was a FK?

I've copypasted the middleware example from here https://supabase.com/docs/guides/auth/auth-helpers/nextjs#auth-with-nextjs-middleware I've got a login button on my index page which signs into github like so

js
  async function signInWithGithub() {
    await supabaseClient.auth.signInWithOAuth({
      provider: "github",
      options: {
        redirectTo: "http://localhost:3000/dashboard",
      },
    });
  }

However when I get redirected to the dashboard page, the middleware does not fetch the session as it returns

null

. If I reload the page the session gets fetched correctly on the middleware. What could be the issue? 🤔

I saw that you were supposed to do something like this:

supabase.auth.signUp({email: "email", password: "password"}, {redirectTo: "http://localhost:8910/account"})

I've done the below with RedwoodJS, but I don't get redirected. The user gets created. I've also set the redirect url(s) in Auth -> settings -> config url.

const { logIn, signUp } = useAuth()

  const handleSign = async (email, password, signMethod) => {
    try {
      setLoading(true)
      # signMethod is either logIn or signUp from useAuth()
      const { error } = await signMethod(
        {
          email,
          password,
        },
        {
          redirectTo: 'http://localhost:8910/account',
        }
      )
      if (error) throw error
    } catch (error) {
      alert(error.error_description || error.message)
    } finally {
      setLoading(false)
    }
  }

Error response from daemon: pull access denied for public.ecr.aws/supabase/postgres, repository does not exist or may require 'docker login': denied: Your authorization token has expired. Reauthenticate and try again

Hello everyone, I am developing an edge function and I would like to test it locally. Such function uses the supabase JS SDK to perform several inserts, and it needs to be callable only by registered users. As far as I understand, functions can be called by anyone by default (correct me if I am wrong) thus in my function I need to check the validity of the JWT token in the request header for my scenario. I setup and ran a local supabase instance with the supabase CLI, but I wonder how do I actually register a dummy user, log it in, and obtain its JWT for testing? The documentation doesn't seem to focus much on testing scenarios... Thanks a lot for any feedback!

Hello all:) I'm new to supabase, how I'm supposed to retrieve the data from a bucket which includes the information about the folders and its respective files through a GET request. I'm working with Kotlin (ktor-server-side), I've gone through documentation but couldn't find a solution. Thank you;)

Is there a way to prevent users from signing up through 3rd party auth? (i.e. users are able to sign up through signing in with my google auth, despite not having an account)

I send an object with empty strings, and it creates a new row, and in the supabase app it says EMPTY. Should I set the default state to null instead of an empty string in the object I want to send?

I just want make sure I handle all possible errors in my application.

When I call

supabase.auth.sign_up()

with a duplicate account, how do I catch the error? This is essentially what my code looks like, but e is blank instead of returning 'duplicate account' or an error like that.

try:
  user = supabase.auth.sign_up(email=email, password=password).json()
  return user
except Exception as e:
  print(e)

Thank you very much in advance!

I am simply trying to list all users in a SvelteKit endpoint.

js
import { createClient } from '@supabase/supabase-js';

const supabase = createClient(SUPABASE_URL, SUPABASE_KEY)

export const GET = async () => {
  console.log(await supabase.auth.admin.listUsers());
};

This fails with an AuthRetryableFetchError, as well as any other auth actions I try to take. Anything with .from() all seems to work, returning and updating data just fine. I am using the service_role key. This is all on localhost.

Hi, I'm using supabase-js v2 lib in supabase Edge Function. I'm trying to save to storage pdf. Problem is with encoding because I'm creating file but when open it only blank page show... On entrance I have a UTF-8 no BOM string. There could be a problem with upload contentType param as well? I have using application/pdf only. What encoding should I use? Any help is most welcome:)

Hello! I have the following query which does not work:

const { data: quotes } = await supabaseClient
        .from('view_random_quotes' as unknown as 'quotes')
        .select('*,quote_categories(name)')
        .lte('LENGTH(quote)', 50)
        .eq('quote_categories.name', categoryName)
        .limit(5)
        .throwOnError();

My two questions are: 1. How can I make the

LENGTH

filter work? Right now it says

column view_random_quotes.LENGTH does not exist

2. The resulting data (after removing the length issue) does not provide me the

quote_categories.name

value. How can I have supabase include that result?