https://supabase.com/ logo
#help
Title
# help
r

RichCorbs

09/01/2021, 2:33 AM
I have disabled signup. I want to create records in the public.users table and then corresponding records in the auth.users table via trigger/function and I have this working BUT the auth.users records are not exactly the same as what gets created when signup is enabled. The encrypted password and confirmation token fields are not populated. When this new user tries to sign in it returns "user not found" or something like that. Any ideas on what I should be doing differently?
Are there somehow hidden functions/triggers that create these values? I cannot see any in the database.
I get
Database error finding user
.
The only difference between the signUp-generated auth.users records and mine are the encrypted_password and confirmation_token fields. I'm giving up for the night. Same error as above.
I tried both security/permission choices on the functions. I thought for sure "run as creator" would fix it but no luck.
j

jason-lynx

09/01/2021, 7:09 AM
you mean after you pass in your own encrypted password and confirmation token to
auth.users
, it still is empty?
btw any reason for going from
public.users -> auth.users
instead of the other way around as recommended?
r

RichCorbs

09/01/2021, 12:46 PM
Thanks for looking. Yes, my trigger function creates the auth.users record manually and I don't know the function/algorithm for generating those two fields. They are not empty if I put something in them. I get the error above after (1) creating the new user in public.users, (2) after the trigger function creates the new auth.users record, and (3) after submitting just the new user's email address to sign in via magic link. For my application I don't want (1) users to be able to sign up, (2) I don't want to have to create all new users myself in the dashboard, and (3) I've created UI for teams to add their own users in
public.users
.
Reporting back for posterity. OK, so signing in with just email calls /magiclink which ALWAYS creates a new auth_user. Which isn't what I'm after. I'm after a kind of "pre-approved user" model. The workaround for me was: - I created a function that queries auth.users for an account with an email that matches. - I call that function via rpc and pass in the email. - If the email returns 1 I continue and call signIn. - If the email returns 0 I display an error message. - When I create a public.users record I will also call "signUp" for that user from the front end.