SQL
-- 创建一个公开用户表
create table public.users (
  id          uuid not null primary key, -- UUID from auth.users
  email       text unique,
  nickname    text,
  avatar_url      text,
  updated_at  timestamp with time zone default timezone('utc' :: text, now()) not null,
  created_at  timestamp with time zone default timezone('utc' :: text, now()) not null
);

-- 新增一行用户数据的函数
create function public.handle_new_user()
-- 权限：https://github.com/supabase/supabase/discussions/306#discussioncomment-138424
returns trigger as $$
begin
  insert into public.users (id, email, nickname)
  values (new.id, new.email, split_part(new.email, '@', 1));
  return new;
end;
$$ language plpgsql security definer;

-- 每当新用户注册时就触发上述函数
create trigger sync_user
  after insert on auth.users
  for each row execute procedure public.handle_new_user();

-- 创建用户表 RLS
alter table public.users enable row level security;

create policy "用户数据可以被所有人查看"
  on public.users for select
  using ( true );

create policy "只有自己才可以插入自己的数据"
  on public.users for insert
  with check ( auth.uid() = id );

create policy "只有自己才可以更新自己的数据"
  on public.users for update
  using ( auth.uid() = id );

-- 头像存储
insert into storage.buckets (id, name)
values ('avatars', 'avatars');

create policy "图片是公开的"
  on storage.objects for select
  using ( true );

create policy "登录用户才可以上传"
  on storage.objects for insert
  with check (
        role() = 'authenticated':: text
    );