Skip to content

Latest commit

History

History

remix-auth-supabase

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
app
app
public
public
.env.example
.env.example
.eslintrc.js
.eslintrc.js
.gitignore
.gitignore
README.md
README.md
package.json
package.json
remix.config.js
remix.config.js
remix.env.d.ts
remix.env.d.ts
sandbox.config.json
sandbox.config.json
tsconfig.json
tsconfig.json

README.md

Remix Auth Supabase

Authentication using Remix Auth with the SupabaseStrategy.

Preview

Open this example on CodeSandbox:

Open in CodeSandbox

Setup

  1. Copy .env.example to create a new file .env:
cp .env.example .env
  1. Go to https://app.supabase.io/project/{PROJECT}/api?page=auth to find your secrets
  2. Add your SUPABASE_URL and SUPABASE_SERVICE_ROLE in .env
SUPABASE_SERVICE_KEY="{SERVICE_KEY}"
SUPABASE_URL="https://{YOUR_INSTANCE_NAME}.supabase.co"

Using the Remix Auth & SupabaseStrategy 馃殌

SupabaseStrategy provides checkSession working like Remix Auth isAuthenticated but handles token refresh

You must use checkSession instead of isAuthenticated

Example

This is using Remix Auth, remix-auth-supabase and supabase-js packages.

Thanks to Remix, we can securely use server only authentication with supabase.auth.api.signInWithEmail

This function should only be called on a server (loader or action functions).

鈿狅笍 Never expose your service_role key in the browser

The /login route renders a form with a email and password input. After a submit it runs some validations and store user object, access_token and refresh_token in the session.

The /private routes redirects the user to /login if it's not logged-in, or shows the user email and a logout form if it's logged-in.

Handle refreshing of tokens (if expired) or redirects to /login if it fails

More use cases can be found on Remix Auth Supabase - Use cases

Related Links