Yes. So user login ==> sends cookie to nextjs api ...
# helps
Señor Bruno
10/21/2021, 9:32 AMYes. So user login ==> sends cookie to nextjs api ==> api uses cookie to get for example data from the "User Profile" database ==> if auth == ok returns data back to the client side. I want to be able to use server side rendering with the data from the database
j
jonny
10/21/2021, 9:53 AMI'm guessing your doing SSR for a particular reason but just to check anyway.
Since I'm guessing your already dealing with authentication on the client side (using supabase-js) you could just fetch things like user profile directly from the client.
having Row level security on your tables will securely allow read/write access to certain rows depending on which user is authorised.
It would also save the extra hop of having to request from your own nextjs api, which will just do the same request to supabase than if you did it directly from the client.
jonny
10/21/2021, 9:56 AMsome more about this here
https://nextjs.org/docs/basic-features/data-fetching#fetching-data-on-the-client-side
jonny
10/21/2021, 10:01 AMalthough, probably the solution your after is something like this example.
example app:
* Supabase authentication client- and server-side (API routes), and SSR with auth cookie.*
https://github.com/supabase/supabase/tree/master/examples/nextjs-auth
specific page where getServerSideProps runs, which gets a user profile/session:
https://github.com/supabase/supabase/blob/master/examples/nextjs-auth/pages/profile.js
s
Señor Bruno
10/21/2021, 12:37 PMyea, I see. Thanks
e
emilioschepis
10/21/2021, 1:48 PMHey this sounds like the exact issue I have right now, let me clarify my question:
emilioschepis
10/21/2021, 1:49 PMThe auth part is working perfectly. Is there no way to currently make the first query from the server as if the user was doing it?
emilioschepis
10/21/2021, 1:50 PMBasically, I would like to query my_table respecting RLS but still on the server.
j
jonny
10/21/2021, 6:17 PMI haven't tested this, but maybe this might help - to use supabase on server side 'as if a user is logged in', I think you need to set the auth.session access_token manually.
Copy code
// make sure you have initialised supabase client with *anon key*
// do not use the service key
const supabase = createClient("https://xyzcompany.supabase.co", "public-anon-key")
// you'll need to get access_token from localStorage somehow
// then set the access_token in auth.session
supabase.auth.session = () => ({
access_token: access_token,
})
// now all requests to tables should be done as if by the logged in user
const { data, error } = await supabase.from('countries').select('*')jonny
10/21/2021, 6:18 PMkudos to this comment in GitHub
https://github.com/supabase/supabase/issues/347#issuecomment-751295241
jonny
10/21/2021, 6:24 PM**
for anyone reading this, you can also just use supabase-js in client - you don't need to use it server side like in the examples above.
with row level security enabled on your tables, you can safely query the database from the client.
no more APIs fetching data for you 😄
e
emilioschepis
10/21/2021, 7:07 PMThank you jonny, I'll definitely try that. I mostly wanted to do it on the server to avoid the first loading state... although I must say that network responses are super quick, so that might not be needed.
j
jonny
10/22/2021, 2:45 AMThis might be of interest.
Vercel talk about this a lot, having static pages that have client side fetching.
I think most of Vercels own dashboard works like this
https://vercel.com/blog/nextjs-server-side-rendering-vs-static-generation#shopping-cart-page-static-generation-without-data,-combined-with-client-side-fetching
e
emilioschepis
10/22/2021, 6:10 AMThat's a super interesting read, thank you @User !