guys what is the difference between anon and authe...
# javascript
r
guys what is the difference between anon and authenticated role? where should I use which?
g
anon role is default with no logged in user. authenticated means the user has signed in
You really don't choose the roles directly if using then normal auth process.
r
I was actually asking because currently I'm having issue with RLS, when I try to make a policy for insert only when user is signed in, I can't add a new row, even though in app I can return the user obj, and I'm actually signed in.
@garyaustin I think that might be because
supabase.auth.user()
is actually returning null for some reason, even after I'm logged in and can see the user data.
g
RLS on insert do you have select policy also?
auth.user gets the user out of the client data structure, if that is null then you don't have logged in user. What do you mean you can see the user data? Oh is this running in the browser or severside?
r
if I use useUser from
@supabase/auth-helpers-react
it shows the logged in user, same happens when I use that server side in Next.js, but if I just use it straight from supabase instance of
supabase.auth.user()
it shows null?
also, I guess the problem it's not with insert only, because even read doesn't work for authenticated users.
even when I make the request it shows the apiKey and bearer token, so I really am lost here.
any idea @garyaustin ?
g
I really don't know the auth-helpers code and strategy. The server and client will both need their respective client supabase initialized (and refreshed) to make calls from either. There is also a way to set the jwt to the client on the fly for future calls. I've seen this done by handling signin and refresh on client and passing the jwt to the server (maybe in a cookie, or as part of the call) and I think there is a way to do the reverse. BUT I don't have server side code in my app I'm working on so have not spent the time to understand it, other than seeing general issues here and github and connecting dots.
r
alright, thank you for the info, I guess I have to tackle down this even more and see if I can somehow connect the dots with other related issues.
r
@garyaustin that was it 🤦‍♂️ thank you!
g
@rinorzk sometimes I'm lucky on connecting dots without reading code... glad to help.