been getting into supabase, and i have a few questions i guess about best practices 1. so it seems like a ton of API that i would normally have to write has been abstracted away into communicating with supabase directly? all the examples i have found seem to - but it is not entirely elimated, even with postg functions and triggers, right? like just looking at it, i'll need backend stuff for sending password reset requests for example. 2. if something is in public and doesn't have RLS, than anyone can insert / update anything. anything not in public requires a backend API to access? 3. say my api is a list of countries, and i want it to be accessible by anyone whether they're logged in or not - what is the best way to do that? i know there is an anonymous auth user with the api key - RLS with custom policy for select? API function? 4. should i be hiding certain columns? i'm using UUID instead of int ID for most things because ik predictable IDs is a bad practice, but if i don't want users to be able to see or edit everything about themselves - do i just put that stuff into another table? custom functions

Hello @rogerthat52! This thread has been automatically created from your message in #843999948717555735 a few seconds ago. We have already mentioned the @User so that they can see your message and help you as soon as possible! Want to unsubscribe from this thread? Right-click the thread in Discord (or use the ``...`` menu) and select "Leave Thread" to unsubscribe from future updates. Want to change the title? Use the ``/title`` command! We have solved your problem? Click the button below to archive it.