auth-helpers
auth
auth-helpers | auth | |
---|---|---|
18 | 45 | |
886 | 1,172 | |
1.2% | 3.9% | |
8.3 | 9.4 | |
9 days ago | 5 days ago | |
TypeScript | Go | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
auth-helpers
-
Supabase Authentication Issue with Next.js 13.4 - !session vs !user
I have encountered a similar issue, but I haven't fully found a solution yet. Currently, I'm using the getSession function throughout my server components. Yesterday, I tried running a middleware to refresh the user's session, based on this example: https://github.com/supabase/auth-helpers/blob/main/examples/nextjs/middleware.tsx. This caught my attention because the comment mentioned that the middleware is necessary for any Server Component route using createServerComponentClient. Right now, I'm testing this approach, and so far, I haven't been logged out since yesterday. Do you have that in your application? The main difference between getSession and getUser in supabase is that getSession reads the cookies and is very fast (around 1-2 ms), while getUser makes a call to the supabase API with the access token to retrieve the user and I would assume they also verify the JWT on their end.
-
SvelteKit is awful for building PWAs
F.ex. Have a look how supabase-auth-helper-sveltekit works. This is the "SvelteKit way" to approach authentication. It also works perfectly with invalidate to reload or invalidate data that is connected to the current user session. As pointed out already, there is no reason you should not be able to access your JWT.
-
Supabase Beta May 2023
We have updated the Next.js Auth Helpers package to make it available across the client and server of the App Router. They also now implement server-side auth by default with PKCE - meaning the entire auth flow is now possible server-side.
-
Need some help with auth and nextjs13 (using app folder) that I just can't seem to wrap my head around something trivial
Example
- When to use which - page.ts VS page.server.ts
-
Help with basic Supabase setup on Next.js?
seems like known issue https://github.com/supabase/auth-helpers/issues/497
-
Use base gotrue api instead of auth helper
auth helper for sveltekit: https://github.com/supabase/auth-helpers/tree/main/packages/sveltekit
- How to add protected routes with server components?
- Issues with Sveltekit and Supabase Authentication
-
What do you think about handling protected routes and redirects in middleware?
I do think checking auth in a server component would likely be better for your use here. Supabase has a nice example here: https://github.com/supabase/auth-helpers/tree/main/examples/nextjs-server-components They have a simple case with Middleware, but you wouldn't need to do it that way. Can use "redirect(/login)" from the server component.
auth
-
Supabase Auth now supports Anonymous Sign-ins
Supabase Auth now supports anonymous sign-ins, one of our most-requested features by the community.
-
Supabase – General Availability Week
People keep writing this, doesn't Supabase rely on spinning up additional services to leave, meaning you can't leave to another managed offering?
Off the top of my mind, PostgREST and go-true? https://github.com/supabase/auth
-
If you use Postgres you're "locked" into Postgres: a technology with a laundry list of providers.
If you leave Supabase, you'll lose the fully managed aspect of 99% of the Postgres providers out there, which confirms the pain the parent comment is describing.
-
Ask HN: Microsoft crawls private links – how can this be legal?
> Microsoft scans to check the website contains malware. IMHO the security blunder is a self-implemented magic link.
It's not self-implemented, you can check it out here: https://github.com/supabase/gotrue
> Not password protected if the password is part of the URL.
It's a token that's valid for a couple of minutes – just like a password reset token. Indeed, in the given implementation, it's the very same as the password reset token. If you consider this implementation as "not password protected", any website with a password reset functionality is "not password protected".
-
Supabase Local Dev: migrations, branching, and observability
I hate to be this guy, really. I would like to adopt Supabase in company, but I cannot yet.
I commented on a HN post almost a year ago about how hard is to do custom Auth with Supabase. I still haven't find a good solution about it. For example, LDAP Auth is quite crucial in most enterprise settings, yet I have no idea how to do it with Supabase. I can find a workaround for PostgREST by putting a secondary API written in some other language and fiddling with reverse proxies. But how to do with Supabase, such that all other services (realtime,...) works nicely? Is it so hard to provide a function that accept a custom strategy given the HTTP request data?
I created an issue[0] almost a year ago on Supabase, which was transferred to Gotrue. I even provided some code examples from Laravel. Even if it is not specifically for LDAP, make some API available to do so, please.
[0] https://github.com/supabase/gotrue/issues/904
- T3 Stack Template : Supabase (w/ Auth + DB) and Shadcn-UI Basic Setup
-
Is there complete documentation of the auth REST API anywhere?
Yes there is, it's just not pretty yet: https://github.com/supabase/gotrue/blob/master/openapi.yaml
- How do you implement authentication with nextjs frontend and golang backend?
-
Use base gotrue api instead of auth helper
The gotrue api: https://github.com/supabase/gotrue
-
Securing a nextjs api with supabase auth
Validation happen inside of the GoTrue: https://github.com/supabase/gotrue... but you don't need it on your own, non supabase, server side resources... that's the beauty of JWT. You can validate JWT in any back-end / language, by simply checking the signature against HS256 key.
-
Junior dev. Struggling to understand how the out-of-box Auth component works.
Supabase use gotrue for Auth, you can poke around in the code & read more about it here: https://github.com/supabase/gotrue
What are some alternatives?
sk-auth - Authentication library for use with SvelteKit featuring built-in OAuth providers and zero restriction customization!
supabase-nextjs-auth - Example project implementing authentication, authorization, and routing with Next.js and Supabase
sveltekit-prisma-example
frank_jwt - JSON Web Token implementation in Rust.
nextjs-supabase - Multi-tenant NextJS 13 + Supabase
jwt - Community maintained clone of https://github.com/dgrijalva/jwt-go
sveltekit-firebase9 - a simple todo app with sveltekit and firebase 9
supabase - The open source Firebase alternative.
supabase-auth-helpers - A collection of framework specific Auth utilities for working with Supabase. [Moved to: https://github.com/supabase-community/auth-helpers]
core - 🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
tailwindcss-forms - A plugin that provides a basic reset for form styles that makes form elements easy to override with utilities.
supabase-js - An isomorphic Javascript client for Supabase. Query your Supabase database, subscribe to realtime events, upload and download files, browse typescript examples, invoke postgres functions via rpc, invoke supabase edge functions, query pgvector.