auth
storage
auth | storage | |
---|---|---|
45 | 20 | |
1,242 | 685 | |
6.2% | 5.5% | |
9.4 | 8.4 | |
2 days ago | 10 days ago | |
Go | TypeScript | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
auth
-
Supabase Auth now supports Anonymous Sign-ins
Supabase Auth now supports anonymous sign-ins, one of our most-requested features by the community.
-
Supabase – General Availability Week
People keep writing this, doesn't Supabase rely on spinning up additional services to leave, meaning you can't leave to another managed offering?
Off the top of my mind, PostgREST and go-true? https://github.com/supabase/auth
-
If you use Postgres you're "locked" into Postgres: a technology with a laundry list of providers.
If you leave Supabase, you'll lose the fully managed aspect of 99% of the Postgres providers out there, which confirms the pain the parent comment is describing.
-
Ask HN: Microsoft crawls private links – how can this be legal?
> Microsoft scans to check the website contains malware. IMHO the security blunder is a self-implemented magic link.
It's not self-implemented, you can check it out here: https://github.com/supabase/gotrue
> Not password protected if the password is part of the URL.
It's a token that's valid for a couple of minutes – just like a password reset token. Indeed, in the given implementation, it's the very same as the password reset token. If you consider this implementation as "not password protected", any website with a password reset functionality is "not password protected".
-
Supabase Local Dev: migrations, branching, and observability
I hate to be this guy, really. I would like to adopt Supabase in company, but I cannot yet.
I commented on a HN post almost a year ago about how hard is to do custom Auth with Supabase. I still haven't find a good solution about it. For example, LDAP Auth is quite crucial in most enterprise settings, yet I have no idea how to do it with Supabase. I can find a workaround for PostgREST by putting a secondary API written in some other language and fiddling with reverse proxies. But how to do with Supabase, such that all other services (realtime,...) works nicely? Is it so hard to provide a function that accept a custom strategy given the HTTP request data?
I created an issue[0] almost a year ago on Supabase, which was transferred to Gotrue. I even provided some code examples from Laravel. Even if it is not specifically for LDAP, make some API available to do so, please.
[0] https://github.com/supabase/gotrue/issues/904
- T3 Stack Template : Supabase (w/ Auth + DB) and Shadcn-UI Basic Setup
-
Is there complete documentation of the auth REST API anywhere?
Yes there is, it's just not pretty yet: https://github.com/supabase/gotrue/blob/master/openapi.yaml
- How do you implement authentication with nextjs frontend and golang backend?
-
Use base gotrue api instead of auth helper
The gotrue api: https://github.com/supabase/gotrue
-
Securing a nextjs api with supabase auth
Validation happen inside of the GoTrue: https://github.com/supabase/gotrue... but you don't need it on your own, non supabase, server side resources... that's the beauty of JWT. You can validate JWT in any back-end / language, by simply checking the signature against HS256 key.
-
Junior dev. Struggling to understand how the out-of-box Auth component works.
Supabase use gotrue for Auth, you can poke around in the code & read more about it here: https://github.com/supabase/gotrue
storage
-
Supabase Storage: now supports the S3 protocol
[3] https://github.com/supabase/storage/issues/439
The Supabase Storage Engine is fully open source and is one of the few storage solutions that offer 3 interoperable protocols to manage your files:
-
What's the simplest solution to sell digital downloads via SvelteKit?
For instance, consider a supabase setup where you place your photos in storage and your orders in a table. Then, have a function run automatically whenever a new row is added to the orders table. That function would be responsible for identifying what the customer bought and delivering it to them.
-
Managify: Manage Your Teams Easily
In this page, I used Supabase Storage to store the files uploaded by the users
-
HELP -> ERROR: function st_point(double precision, double precision) does not exist (SQLSTATE 42883)
-- Create a table for public profiles CREATE TABLE profiles ( id UUID REFERENCES auth.users ON DELETE CASCADE PRIMARY KEY, updated_at TIMESTAMP WITH TIME ZONE, username TEXT NULL, full_name TEXT, profile_image_url TEXT, bio TEXT, sex SMALLINT DEFAULT 0, CONSTRAINT username_length CHECK (CHAR_LENGTH(username) >= 3) ); -- Create a table for channeles CREATE TABLE channeles ( id SERIAL PRIMARY KEY, userRefId UUID REFERENCES auth.users(id), channel TEXT, updated_at TIMESTAMP WITH TIME ZONE ); -- Create a table for geo location CREATE TABLE user_geo ( id SERIAL PRIMARY KEY, userRefId UUID REFERENCES auth.users(id), location GEOGRAPHY(point) NOT NULL, updated_at TIMESTAMP WITH TIME ZONE ); create index user_geo_index on public.user_geo using GIST (location); -- Set up Row Level Security (RLS) -- See https://supabase.com/docs/guides/auth/row-level-security for more details. ALTER TABLE profiles ENABLE ROW LEVEL SECURITY; CREATE POLICY "Public profiles are viewable by everyone." ON profiles FOR SELECT USING (TRUE); CREATE POLICY "Users can insert their own profile." ON profiles FOR INSERT WITH CHECK (auth.uid() = id); CREATE POLICY "Users can update own profile." ON profiles FOR UPDATE USING (auth.uid() = id); -- Set up Row Level Security (RLS) -- See https://supabase.com/docs/guides/auth/row-level-security for more details. ALTER TABLE channeles ENABLE ROW LEVEL SECURITY; CREATE POLICY "Public channeles are viewable by everyone." ON channeles FOR SELECT USING (TRUE); CREATE POLICY "Users can insert their own channeles." ON channeles FOR INSERT WITH CHECK (auth.uid() = userRefId); CREATE POLICY "Users can update own channeles." ON channeles FOR UPDATE USING (auth.uid() = userRefId); -- Set up Row Level Security (RLS) -- See https://supabase.com/docs/guides/auth/row-level-security for more details. ALTER TABLE user_geo ENABLE ROW LEVEL SECURITY; CREATE POLICY "Public geo_location are viewable by everyone." ON user_geo FOR SELECT USING (TRUE); CREATE POLICY "Users can insert their own geo_location." ON user_geo FOR INSERT WITH CHECK (auth.uid() = userRefId); CREATE POLICY "Users can update own geo_location." ON user_geo FOR UPDATE USING (auth.uid() = userRefId); -- See https://supabase.com/docs/guides/auth/managing-user-data#using-triggers for more details. CREATE OR REPLACE FUNCTION public.handle_new_user() RETURNS TRIGGER AS $$ BEGIN INSERT INTO public.profiles ( id, updated_at, username, full_name, profile_image_url, bio, sex, ) VALUES ( NEW.id, NOW(), NEW.raw_user_meta_data->>'username', NEW.raw_user_meta_data->>'full_name', NEW.raw_user_meta_data->>'profile_image_url', NEW.raw_user_meta_data->>'bio', COALESCE(CAST(NEW.raw_user_meta_data->>'sex' AS SMALLINT), 0), ); INSERT INTO public.channeles (userRefId, channel, updated_at) VALUES (NEW.id, NEW.raw_user_meta_data->>'expoToken', NOW()); INSERT INTO public.user_geo (userRefId, location, updated_at) VALUES ( NEW.id, ST_Point(CAST(NEW.raw_user_meta_data->>'lat' AS FLOAT), CAST(NEW.raw_user_meta_data->>'lng' AS FLOAT)), NOW() ); RETURN NEW; END; $$ LANGUAGE plpgsql SECURITY DEFINER; CREATE TRIGGER on_auth_user_created AFTER INSERT ON auth.users FOR EACH ROW EXECUTE FUNCTION public.handle_new_user(); -- Set up Storage! INSERT INTO storage.buckets (id, name) VALUES ('profile_images', 'profile_images'); -- Set up access controls for storage. -- See https://supabase.com/docs/guides/storage#policy-examples for more details. CREATE POLICY "profile_image images are publicly accessible." ON storage.objects FOR SELECT USING (bucket_id = 'profile_images'); CREATE POLICY "Anyone can upload a profile_image." ON storage.objects FOR INSERT WITH CHECK (bucket_id = 'profile_images');
-
Supabase alternatives
For example the storage-api. I was on version supabase/storage-api:v0.29.1 for a long time, until I realized, that there is a new version of it (0.40.1). Fast forward, upgraded everything, checked my application and everything storage related stopped working. From now on it's always the same procedure. Debugging the errors, digging through the code on GitHub, checking commits, issues, etc. After a while I found a bug from 2019 which had exactly the same error as I, tested the workaround and it worked again (partially, workaround).
-
A Rounded Solution to Image Handling on the OpenSauced Dashboard
Alternatively, we could use imagemagick (cli tool for image transforms) + supabase storage to do the same for free.
-
AWS Amplify Is a Grift
[5] https://supabase.com/docs/guides/storage
-
Building a Startup from Scratch: My Mistakes as CTO
Storage
-
Any idea how to limit file upload size ?
We'll probably need to upload other types of assets in the future, so having a way to set the limit per bucket would be nice... There's an issue for this - I may make a PR to implement it at some point.
What are some alternatives?
supabase-nextjs-auth - Example project implementing authentication, authorization, and routing with Next.js and Supabase
supabase - The open source Firebase alternative.
frank_jwt - JSON Web Token implementation in Rust.
supabase-js - An isomorphic Javascript client for Supabase. Query your Supabase database, subscribe to realtime events, upload and download files, browse typescript examples, invoke postgres functions via rpc, invoke supabase edge functions, query pgvector.
jwt - Community maintained clone of https://github.com/dgrijalva/jwt-go
nextjs-auth0 - Next.js SDK for signing in with Auth0
postgrest - REST API for any Postgres database
core - 🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
fastify-multipart - Multipart support for Fastify
fastify - Fast and low overhead web framework, for Node.js