eg. (512x512 max resolution)

Trying my luck here: Has anyone tried implementing a collaborative text editor on top of Supabase before? Or have ideas about how to go about doing so? Have a friend looking to do so on top of Supabase. Info from friend: > I am implementing a collaborative text editor using a server-client model where the server connects to the client using websockets.

I get a

new row violates row-level security policy for table "results"

error while inserting the data. Insert is supposed to be public:

CREATE POLICY "Enable select for owner" ON public.results FOR SELECT USING (...);
CREATE POLICY "Enable delete for owner" ON public.results FOR delete USING (...);
CREATE POLICY "Enable insert for public" ON public.results FOR insert with check (true);
CREATE POLICY "Enable update for public" ON public.results FOR update using (true) with check (true);

How can I debug this?

@User this might help https://github.com/supabase/supabase/discussions/2448

@User this might help you out, https://github.com/supabase/supabase/discussions/2448

Github actions .env anon url keys

Oh my god I accidentally updated all rows' column from one table 😰 how do I undo it?

Once a transaction is committed to Postgres, that's it. You might be able to use a point-in-time recovery, but I'm not sure how easy or difficult it is (details at https://stackoverflow.com/a/51890407), especially if you're not self-hosting - you might have to contact support to see if they can help

is there any backup on postgres? anything at all?

on supabase i mean

Dashboard > Database > Backups, but not on the free plan

Ok RIP me, thanks

Thank you! I was able to get it figured out 👍🏼

I repost my question hey everyone ! hope you doing well I am building an app using supabase and putting my project on github, my .env that contain the url and anon key is gitignore to be sure, however I am using github actions to automate some task like building the app and uploading it to a gh-pages branch to try out, my problem is : since I don't put the .env file to github, github actions do have access to the keys and therefore when github action build the app there is no connection to the api I tried putting a 'secrets' key on github and referencing it with VITE_SUPABASE_URL= ${{ secrets.VITE_SUPABASE_URL }} but it doesn't seem to work does anybody have any clues on how I can achieve that ? thanks

Or is there a risk to upload url and anon key to a public repo ?

is there any rust orm that works with supabase? https://i.tricked.pro/U7YVnj so far ive tried tokio postgres sqlx and diesel and couldnt get any to work with supabase ^ getting that error how im connecting: https://i.tricked.pro/dCRSLG and im just using execute to run the query

Your client side environment file should not contain any secret/sensitive information, which the Supabase URL & anon key isn't - therefor it is perfectly fine to version control your environment file, and package it, don't worry. 🙂 (if you of course haven't put anything secret in there)

ok but anyone with the url and anon key will be able to make any api request and call ?

What about if I need to access data from a third party api?

How do I securely do that.

A backend API has access to process.env, so you'd pass them in as env variables, or use a dotenv package with a .env file

How do I use supabase authentication for both the backend api and react app.

Does the backed api inspect the jwt sent from requests coming from the react app? Or..

I suppose that may be what the secret key in the supabase dashboard is for. But that feels jank.

Yes, but with the anon role, which is what all non authenticated users visiting your site basically is. This is where Row Level Security comes in. You need to make rules for your tables in your database to secure it. 🙂

Decode the JWT, use that to look up the user, ????, profit

@User Watch this

I was gonna do that but it felt like it was insecure. Idk why 😂

I overthink security too much.

Hehe, as you should, but to the point where it doesn't stop your progress. 🙂 For every request sent from the client, the JWT is sent along. The backend(Supabase) checks this JWT by decoding it with the JWT Secret (that you can find in your Supabase settings) to see who it is making the request and to verify it hasn't been tampered with.