Hello , I'm a university student working on exam project, I've searched the net and asked my other dev friends about a solution for my necessities, which are : - Having a database containg a simple table with information for a file - An actual storage linked to the database which will serve files to the database user Supabase seems to cover both my needs, I'm new to the postgres DB and it's features since the only experince I had is with Orcale SQL so I'm utterly failing to understand how it works for users. What I'm trying to do is simple: 1) Create a user/role for postgres database with username and password for each new user. 2) Let the user log in via SCRAM url string ( using python ) 3) Let the user read and search the database table for file metadata ( containing AES public keys for decrypt a file) and get the corrisponding path /link to the file in the storage bucket 4) Let authenticated user get the corresponding file from the storage I'm failing at point 1 right now since I cannot grasp how the supabase user system works, for instance I don't need OAuth or even email sign ups, so I've disabled them all. In the tab Roles I can see all roles/user for the database but cannot add one or edit these roles. I'm just needing a working set-up for a proof of concept, nothing too sophisticated. Thanks for those who can point me in the right direction.

The auth integrated into Supabase isn't as complicated as it seems. Every user that is registered will have the 'authenticated' role. The concept of 'admin' and 'regular' users could be handled in several ways, but one common approach is to have certain columns in the users table which specify whether a certain feature is available for that user. For example, if an admin can delete a file, they might have the value of

delete_files

set to

true

for their row. You would then setup some RLS policies which check the row of the user (using the built-in

auth.uid()

function to get their user ID, and then retrieve their row based on this - and then checking if

delete_files

is true or not). Login is handled via a REST endpoint. The email and password of the user is sent to Supabase, and assuming their details are correct, Supabase will respond with a JWT. If you were to decode this, you would see values such as

access_token

and

id

. In terms of actually setting up users, you can invite users manually, but I believe that they still need to confirm their email address. It should be possible to manually add a user via SQL if necessary, though I've not looked into this so I'm not sure of what the script would look like.

I've understand the situation. So the system is set up in a way that postgres is strictly entangled to the Auth subsystem. I've tried to use the SQL editor and launch the

createuser

command but it failed , maybe it's not allowed or I used wrong syntax. In the end seems that I must cope with the existing structure of roles and user and edit the user table. I've added RLS to my test table for the file metadata and wrote a template for a policy to let it be read only for

authenticated

roles. I guess is something to start with.... still better option than dealing MongoDB gridFS I guess Thanks for the answer