jwt VS gotrue

We use https://github.com/golang-jwt/jwt but have needed to hack our way around it as our issuer service sends floats.

But If you don't know security....I wouldn't specifically and only because you have to know security it's self but I mostly use https://github.com/golang-jwt/jwt because I never said I was a security master but I rely on it to make sure everything is hashed and no holes are in my code because this specifically relates to security and not with building out a service. There is a monumental difference.

Hey folks... so supabase has yet to implement anonymous sign in ... Curious if I'd be able to accomplish the following, and whether the following is a big no-no.

The user/session/error all will be null. I was a bit worried Apple OAuth on mobile wouldn't be supported by Supabase's Go True library, but I stumbled upon a PR which adds support Fix: Add id_token grant flow

A few months ago while I was exploring the Supabase project, I found some issues tagged with good first issue on the repository supabase/gotrue

The advantage of ORY was that it required this somewhat custom frontend (since it's not password based) -- I'm not sure how much easier that would have been with Keycloak (my guess is it would have been harder), and I haven't used Authentik before so I'm not sure.

Keycloak is definitely more setup and a bit more clunky. I've never deployed Authentik though, I really need to kick the wheels on it and see how it works.

BTW in the simple auth/login space there is also:

- Keratin[0]

- GoTrue[1] (and Supabase's improved version[2])

- Authelia[3]

[0]: https://keratin.github.io/authn-server/#/

[1]: https://github.com/netlify/gotrue

[2]: https://github.com/supabase/gotrue

[3]: https://github.com/authelia/authelia

Continue to use the Auth server (self-hosted): https://github.com/supabase/gotrue

I'm also working on a Vue 3 + Supabase project recently and came across this issue (similar to 23 and 143). In short, after the user is signed in, supabase.auth.user() still returns null and seems like it takes supabase some time to change the user object. The author suggested to use onAuthStatusChanged() listener however I don't know where to declare it. I see that you call onAuthStatusChanged() in router.ts file, would it be different if I call it inside onMounted() method in App.vue, or after app.mount() in main.ts?

It has support. https://github.com/supabase/gotrue/blob/master/api/provider/linkedin.go

In Supabase we use a separate Auth server [0]. This stores the user in an `auth` schema, and these users can login to receive a JWT. Inside the JWT is a "role", which is, in fact, a PostgreSQL role ("authenticated") that has certain grants associated to it, and the user ID (a UUID).

Inside your RLS Policies you can use anything stored inside the JWT. My cofounder made a video [1] on this which is quite concise. Our way of handling this is just an extension of the PostgREST Auth recommendations: https://postgrest.org/en/v9.0/auth.html

[0] Auth server: https://github.com/supabase/gotrue

[1] RLS Video: https://supabase.com/docs/learn/auth-deep-dive/auth-row-leve...

{supabase ceo}

You can! A lot of people do. Or you can use the Auth server directly: https://github.com/supabase/gotrue