Hey, I'm using Twilio phone auth in an app (not th...
# helpa
aar2dee2
03/31/2022, 5:45 PMHey, I'm using Twilio phone auth in an app (not through Supabase Auth because I'm using WhatsApp verify codes, not SMS OTPs). I want to then create profiles for the user in Supabase and allow user to access the data when phone has been verified. What's a good way to do this?
(Essentially the user needs to be able to access their account data once their phone has been verified using Twilio auth without having to authenticate through Supabase as well)
n
Needle
03/31/2022, 5:45 PMHello @aar2dee2!
This thread has been automatically created from your message in #843999948717555735 a ``few seconds ago``.
Pinging @User so that they see this as well!
Want to unsubscribe from this thread?
Right-click the thread in Discord (or use the ... menu) and select Leave Thread to unsubscribe from future updates.
Want to change the title?
Use the
/titleNeedle
03/31/2022, 5:46 PM🆕 create user when verified through another auth provider
s
sylar815
03/31/2022, 5:57 PMDo you plan to use RLS?
n
Needle
03/31/2022, 5:57 PMcreate user when verified through another auth provider
a
aar2dee2
04/02/2022, 2:31 PMideally, yes. The user should be able to see only their data in the profile table
s
sylar815
04/02/2022, 5:08 PMThen, you need to use supabase auth too.
sylar815
04/02/2022, 5:10 PMWhat you can do use send OTP, via functions to WhatsApp too, along with sms.
a
aar2dee2
04/02/2022, 5:11 PMthis sounds great. So I should make a request to the Twilio client from Supabase itself?
s
sylar815
04/02/2022, 5:16 PMSend OTP via twilio and once you get the OTP you use supabase function yo send message via whatsapp
a
aar2dee2
04/06/2022, 9:06 AMthanks for this! trying a different approach - verifying directly through Twilio's Verify service and then signing up on Supabase with phone + password without requiring phone verification again. Is that a secure approach?
s
sylar815
04/06/2022, 10:39 AMyou wont be able to reset the password
sylar815
04/06/2022, 10:39 AMwill you login everytime via otp or password?
a
aar2dee2
04/08/2022, 3:11 AMPreferably via OTP
s
sylar815
04/08/2022, 7:23 AMthen you can use supabase twilio, no need to use twilio independently
a
aar2dee2
04/08/2022, 7:55 AM*WhatsApp OTP
aar2dee2
04/08/2022, 7:56 AMMy app requires users to have a valid WhatsApp account. Hence, I need to verify using a WhatsApp code, not an SMS otp
aar2dee2
04/08/2022, 7:56 AMIf I verify with Supabase auth, then also send the code on WhatsApp, the user can still sign up whether or not they have an active WhatsApp account
s
sylar815
04/08/2022, 8:27 AMokay, got it.
it's a hacky solutions, how you will sign in again? you need to remember password for each users?
or you will keep some default logic,
a
aar2dee2
04/08/2022, 10:29 AMyea, that's what I'm stuck on. Ideal sign in approach has to be phone + password, but if the user forgets password, I could initiate the phone verification via WhatsApp again and allow password reset (not sure how I'm going to implement this, though)
s
sylar815
04/08/2022, 11:32 AMYou need to setup the password with some predefined logic which you pass it on later
g
gerry
06/27/2022, 1:40 AM@aar2dee2 did u end up figuring out a good solution for this?