Hey I m trying to set up Supabase auth with Prisma I ve seen Supabase #help

Hey, I'm trying to set up Supabase auth with Prism...

kvnam

02/21/2022, 10:34 PM

Hey, I'm trying to set up Supabase auth with Prisma. I've seen some threads in the channel for this, but none have any concrete replies. In addition I found a few threads on Prisma's repo with links on how this may be achieved, for example - https://github.com/prisma/prisma/issues/5128. I tried this out,

set

a custom variable

app.current_user_role

on a table which will allow Select only if

app.current_user_role

admin

But when I run this via Prisma, it returns all the rows, irrespective of this value. I wanted to know if this is a good idea at all, or if getting Prisma to work with Supabase auth is still tricky and best not attempted right now? Any pointers in the right direction would be great, thanks!

kvnam

02/21/2022, 10:49 PM

In fact no policy works, as I believe Prisma uses the

postgres

role, which has

User bypasses every row level security policy

set to true

kvnam

02/22/2022, 1:46 AM

Posting here in case it helps any one. I created a new role in Supabase, that only had

LOGIN

permissions, granted it all permissions on all

public

schema tables. I then used these credentials with Prisma. Since this role did not have permission to bypass RLS policies, I was able to run

SET app.current_user_role

through Prisma transactions / executeRaw and add the right checks in the RLS policy accordingly. This worked perfectly as expected.

kvnam

02/22/2022, 1:47 AM

Some posts that helped me - https://github.com/supabase/supabase/discussions/3505 https://github.com/prisma/prisma/issues/3041

3 Views

Previous Next