I'm so confused... Like, doing an upsert works... so reading from the table works fine...

I can jump on a call with you in an hour or so if you want to debug together and if it's not a super secret project

That would be great thank you @silentworks

Hello guys! A Little question. Have you tried using supabase on your node server? And make requests from frontend to your custom backend? I was curious how would someone Authenticate Users this way

I think the way I've got it set up isn't sending the user details when it does the db call, which means I get nothing back (because of RLS)?

It would really help if we could just pass the access_token to the backend, give it to the supabase client and do our queries from there

So basically. You have 2 instances of supabase. One on frontend with the anon key, to Take the token, and backend with the super key to make the requests to supabase maybe?

That's the second fold of this scenario. In my case, I want to stick to using the anon key even in from the server... If I have to use the super key, than it means I must also check if the user has rights to the resource they are querying which is already taken care of by rls

Hmm, you are right. Thanks for help

I’ll try making one without the super key, and maybe forward the error from rls to frontend 🤔

Currently, my workaround is to not use the javascript client on my nodejs server but call postgrest api with the anon key and the token passed by the user 😢 painful, I know. But it's secure, I believe

Hmm, So you are just making the requests using something like axios or node-fetch on the server?

Yes, node-fetch. I do still verify the token with the jwt secret though, saves me the trouble of sending a request for something that's invalid

Do you have it on github? I would love to Take a look 😬

I'll share the file here, it's a private repository

Thanks a lot

An express server exposed to nuxtjs as server-middleware

@User It's not neat at all but it gets the job done 🤣

Doesn't matter. Thanks for help 😄 . I'm also into trying nuxt js. So i'll try to combine them

You can DM me and we can jump on a call now if you are available

Thankyou mate! Writing it down before I forget what we did. Created /api/auth

import supabase from '@utils/supabase';

const AuthCookie = async (req, res) => {
  supabase.auth.api.setAuthCookie(req, res);
};

export default AuthCookie;

Updated my auth hook to include:

----other stuff
async function handleAuthChange(event, session) {
  await fetch('/api/auth', {
    method: 'POST',
    headers: new Headers({ 'Content-Type': 'application/json' }),
    credentials: 'same-origin',
    body: JSON.stringify({ event, session })
  });
}

----within context provider
const { data: authListener } = supabase.auth.onAuthStateChange(
      async (event, session) => {
        setSession(session);
        handleAuthChange(event, session);  <---- this
        setUser(session?.user ?? false);
      }
    );

Then on my /api/settings I can call

supabase.auth.setAuth(req.cookies['sb:token']);

which passes the user details back to the server 🙂 Can the setAuth call go in the auth hook somewhere? 🤔

Don't forget -- as of today, this Discord server has THREADS so feel free to make your own thread so people can follow it easier and help you out!

is there a way to do custom psql in supabase-js i need to create a table based on every new user i get but supabase-js doesn't supports it yet so i thought maybe there is any way to run postgresql commands in supabase itself ?

Do you mean the SQL editor in the Supabase dashboard?

isn't that part of ui can it be done in supabase-js itself without using editor ?

Ah apologies, misunderstood!

np

Hey! Is there a way to do the password reset using query params instead of the default way (using hash)?

Running SQL via a front-end would be opening yourself up to a world of SQL injection. From what I can tell, it doesn't route through the regular

/rest/

endpoint, and instead invokes it from a different API entirely. If you need something like this, consider creating a Postgres function and invoking via

.rpc()

.

ooh isee although it's node app so idk much how it's secure but probably won't use it but how will i use rpc if i need the table to be named as user_id (i will be generating that)