Is it possible to sort the results of a foreign key sub-array? Say I have a query like this:

await supabase
.from('Things')
.select('*, other:OtherThings(*)')
.order('created_at')

I want to sort the main results by

created_at

which is on

Things

, but then I want to sort the sub-array

other

by something else

Has anybody else encountered this error when attempting to use 3rd party auth?

Error getting user email from external provider

I'm trying use github

Can I do RLS that only allow commands if certain property is true for that row

I am making a product-page and want to be able to hide products. So public is only allowed to access if

product.public === true

Yes this would be one of the checks in your policy.

How exactly do I write this out. Sorry for such noobish question, but where ever I look for a question seems quite a tad from Supabase which gets me confused :/

Ok, are you using the Dashboard UI to add your RLS policies?

Yeah! I'm trying this right now

However I have not setup the functionality to test it yet. Would this be doable?

Yes. I have done just this a few weeks ago. I'll confirm my project in the UI.

So if you purely want to lock it down for everyone unless it is public, the that shoudl do it for you.

Thanks a lot!! Do you happen to know anything about SvelteKit?

Then you can add more cases to that policy if you want to make non public resources available to their owner, or admins.

I spend most of my time with React. But if you can't figure out your issue I might still be able to help.

SvelteKit has SSR, and this product page use the server-side-rendering to speed things up. I am however unsure as to how I should properly pass the Supabase state to the webpage

oh

ok well that is a general problem

I've been doing SSR with remix lately

It works on the server pretty well, except auth is a bit of a pain, since auth is client focused

To my understanding the session of supabase is saved in Localstorage right?

Yeah, that is the normal path

So before the page has loaded (First page hit), the session has not loaded up, and there is no way to pass the session of the user to the server. Is this right? Or is there a way to ship the session of the user?

With email signups it looks like you can do stuff with the API, but with providers it seems client side only

well you would duplicate the token

and provide it to the server, which can store it as a cookie

there is a callback for the client I use:

supabase.auth.onAuthStateChange(
  (event, session) => {
    const body = { event, token: session?.access_token ?? "" };
      submit(body, { method: "post" });
  }
);

So when I am returned to the client, I can make that call to the back end, and that results in a cookie being created, that is sent with every further request.

export let action: ActionFunction = ({ request }) => {
  return Promise.all([
    cookie.getSession(request.headers.get("Cookie")),
    request.formData(),
  ]).then(([session, body]) => {
    const event = body.get("event");
    const token = body.get("token");

    if (event === "SIGNED_IN") {
      session.set("token", token);

      return cookie.commitSession(session).then((cookie) => {
        return redirect("/", {
          headers: {
            "Set-Cookie": cookie,
          },
        });
      });
    }

    return cookie.destroySession(session).then((cookie) =>
      redirect("/", {
        headers: {
          "Set-Cookie": cookie,
        },
      })
    );
  });
};

This is how I create the cookie in remix (on the server)

None of this is production ready by the way, I've been messing around the last couple weeks.