https://supabase.com/ logo
Join Discord
Powered by
seems like it expects auth.uid() to be a UUID wher...
# sql
b
seems like it expects auth.uid() to be a UUID whereas mines set as text
c
the user id is, indeed, a UUID (you can check in the auth.users table)
when you say "it expects" - what is "it"?
b
hey thanks for your help. In the tutorial it has me setup this function
Copy code
create or replace function auth.user_id() returns text as $$
  select nullif(current_setting('request.jwt.claim.userId', true), '')::text;
$$ language sql stable;
Then, the policy on my table is set as 
auth.user_id() = user_id
And I send up a JWT with the userId as a claim
However, I'm still getting"
Copy code
new row violates row-level security policy for table "todos"
c
ok, I see, so you've created this function yourself (as instructed by the tutorial, that is)
b
Yup, and im having trouble debugging. everything looks like it's being sent up correctly, but i cant see if supabase is running that function, if the JWT is incorrectly setup, etc.
c
what version of Postgres is your project using?
it seems that this article uses a way to access the user id claim in a way that, as far as I know, is NOT compatible with Postgres 14 (Supabase recently updated to Postgres 14 for new projects)
b
do you know where i can find that info?
ahh gotcha. That sounds like its it
c
run this
SELECT version();
b
yup. im on 14.1
c
ok, in that case, I think you need to use the following:
current_setting('request.jwt.claims', true)::jsonb ->> 'sub'...not sure why the tutorial is using a 'userId' claim, I think the claim for the user id is 'sub'...in fact, I am not sure why the tutorial suggest to create a new function given that one already exists for exactly this purpose
Given that this is your own function, you can modify it by logging inside it and then you can see the log in the dashboard (Settings -> logs -> Database) - just make sure to log at WARNING level, otherwise it will NOT show up (by log, I mean to use the RAISE statement)
b
Thank you so much! This was really helpful. Do you know where theres documentation on this current_setting function, and the request jwt stuff? It looks like "claim" was renamed to "claims", and we can no longer access the json via the dot notation?
c
the rename was documented in their latest release notes: https://github.com/supabase/supabase/releases
b
ah great. thanks a ton!
c
you can find the actual names of the claims at the bottom of this page: https://supabase.com/docs/learn/auth-deep-dive/auth-deep-dive-jwts (or, if you manually inspect the JWT contents using something like jwt.io)
PreviousNext
Powered by