hey guys, I got a question regarding RLS Policies:...
# off-topic
i
hey guys, I got a question regarding RLS Policies: how do I enable Read Access for every authenticated user. I've tried
```sql
CREATE POLICY "Enable access to all users"
  ON public.ll_templates
  FOR SELECT
  USING (auth.role() = 'authenticated');
```
Other things like using `EXISTS` do not work either. Has anybody a recommendation?
s
Did you get any error when you tried the above? Because it should work.
i
There is no output client and server side
It just returns an empty array
s
Which means the RLS is working, I'm guessing your user isn't authenticated
i
postgres confirms, that my user is authenticated 😄
s
That doesn't mean the user is logged in
Also note that it's possible it won't work server side, because depending on how you have written the server side code it could bypass RLS altogether
i
As far as I understand it, the JWT is used to determine the policy information. jwt.io decodes my token in the following way:
It does not work in next.js and CRA
s
Are you logging into your app client side? or server side?
i
Both.
b
Would it help to check the API you use and test it with a Postman-like tool?
s
I'm guessing the supabase-js library is being used, so it should handle the calls correctly.
i
Inserting for authenticated users works, btw
using the example template
s
When you say both, do you mean you are saving the cookie by making a request to the server-side from the client?
i
correct
however, it does not work on another app, which is using only CRA
s
Are any of these public projects? I can't think of what could stop this from working, so probably easier to see the code or project working.
i
Thank you for the offer. Unfortunately, those projects are private by NDA. I'll try to start another project, with the same premises and let you guys know how it went
And thank you very much for replying to my questions!
s
Ok no problem, let me know how it goes if you get another project set up with the same issue
i
Sure!
To answer the question: It works. Thing is, I needed to set the session token server side with `supabase.auth.setAuth`.
s
This is what I was asking about above
i
I did not know what you were talking about until I had a closer look thanks to your insight. When setting the token with that method in `getServerSideProps` while using the same `supabase` instance, is it recommended to reset the token to the anon key after the request is finished? Or is there some magic going on which does that automatically?
s
The token will give the same access as the anon key in this case, since it was generated from the anon key request
Looking at the nextjs example you shared, it seems they aren't using the `setAuth` method at all, maybe that needs to be updated. I don't do much in Nextjs so I just knew about that from my Svelte kit project
i
Okay cool. I've pushed the 'working' example here: https://github.com/valerius21/rls-test-supabase-next-ssr/blob/main/pages/table-ssr.js I'd love to take a look at your project. Is it in the supabase/examples repo?
s
I'm writing an article to go with it