https://supabase.com/ logo
Join Discord
Powered by
Hey y'all, I'm trying to mimic the `todos` table s...
# help
b
Hey y'all, I'm trying to mimic the 
todos
table setup from the Supabase templates. I'd like users to be able to to all of the CRUD operations (
INSERT
, 
SELECT
, 
UPDATE
, 
DELETE
) on their own data. I've set up a table that looks like the one above, and set up RLS as shown above. I'm running into an issue where a logged in 
user
is unable to 
SELECT
any data at all. There are no errors in the API request, just seeing an empty array 
[]
for the returned 
data
object. The only difference between my table and the example 
todos
table are a few of the column names, one of which being 
userId
in my table versus 
user_id
in the example table. Could that make a difference? If so, why? Here is my source code if you're interested in taking a peek. https://github.com/bradgarropy/next-todo
g
As long as you quote the columns everywhere you use them, camelcase should be fine even in RLS, although I stick the postgres preferred underscore way. It is possible your user is not logged in when you make the request, result would be the same. Try using auth.role() = 'authenticated' as a test. Then auth.role() = 'anon' if that does not work to see if user is logged in.
b
Okay, great suggestions! I tried 
auth.role() = 'authenticated"
and I was still not able to see any 
todo
items. I feel like I do have a logged in 
user
because I can see the 
supabase.auth.token
entry in local storage. Switching over to 
auth.role() = 'anon'
allowed me to see all 
todo
items, even those that were not created by my user. So, it's something about my user not being logged in, or not being passed along to supabase? Does it matter what key I use when I create the 
supabase
client? Currently I'm using the 
public / anon
key. Any other suggestions maybe?
g
Yeah you are definitely not logged in when you make the call. You can look at the network request and should see a header with a "long" jwt:
versus a short one or none:
b
Ohhhhh! I'm running the code to fetch the todos on the server (
getServerSideProps
)! There is no user present there at that time!
Copy code
typescript
    const {data: todos} = await supabase
        .from<Todo>("todos")
        .select("*")
        .order("createdAt", {ascending: false})
I was actually struggling to find this information last night, how do I get my user information / make authenticated 
supabase
calls from the server?
g
Yeah, search around here (upper right) on SSR or next.js or node etc. This is discussed alot, but I don't run any code on server so would have to search for someone else's answers.
b
I will definitely do that, just hopped into this Discord this morning. I found a decent article here about using cookies to accomplish it. https://dev.to/sruhleder/protected-routes-with-supabase-and-nextjs-381k I'll loop back around if I need any additional assistance. Thanks for helping me troubleshoot!
PreviousNext
Powered by