-
Notifications
You must be signed in to change notification settings - Fork 176
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RLS not working after sign-in #185
Comments
Hi, using the signed-in user's bearer token has not yet been implemented. I am planning on getting to this soon-ish. |
This needs some work to be done on postgrest-py first (as in, it isn't directly supported as such). I'm working on that right now, and it should be done by the end of this week, and when that's done we'll make a new release of postgrest-py and have it work here. In the meantime you could do something along the lines of: client = create_client(SUPABASE_URL, SUPABASE_KEY)
session = client.auth.sign_in(email, password)
postgrest_client = client.postgrest
postgrest_client.auth(session.access_token)
# run queries
client.auth.sign_out()
postgrest_client.auth(SUPABASE_KEY) # go back to using the anon key |
Thanks @anand2312 this clears things up indeed. The workaround works flawlessly in the mean time! |
+1, coming from #272 edit: I'd like to link #247, since this is an equal issue and to keep track of both! |
@timreibe 👍🏼 done. Perhaps this issue should be pinned for better visibilty |
Are there any updates on this? :) |
Hey @nielsrolf, Thanks for the query! Seems like this is related to #272 - let me pin the issue as well |
Any updates on this? |
How would this work if I'm using oauth (with google as a provider for example)? |
I have the same question as @0xDeadcell |
@anand2312 Hey just checking up, can I now instantiate a supabase instance with a anon key? I don't want to use a username/pw. |
You should be able to - does passing the anon key to |
This oneline do the job
if As @0xDeadcell mentioned, to have authentication works again, after signout, restore the
|
The latest v1.1.0 release of the |
Awesome than you Andrew!
…On Sat, Sep 30, 2023 at 9:58 AM Andrew Smith ***@***.***> wrote:
The latest v1.1.0 release of the supabase-py library fixes this issue.
—
Reply to this email directly, view it on GitHub
<#185 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/BBFFGPW67J7KYLE3ZNGIES3X5BFSNANCNFSM5TCW5IAQ>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
Describe the bug
After signing in a user using
supabase-py
a user is correctly returned with it's acces_token etc. However if I try to insert or select a row in a table with RLS enabled it seems the client does not correctly send the requests as being authenticated by that user. Only the tables without RLS seem to be working. The error returned by supabase is:Is this currently not supported by supabase-py or is this indeed a bug? Also, if not supported how would one best go about accessing secured tables (e.g. using postgres-py directly).
To Reproduce
The minimal example below highlights this for systems
The text was updated successfully, but these errors were encountered: