RLS not working after sign-in #185

Closed
tobias-scheepers opened this issue Apr 11, 2022 · 15 comments · Fixed by #560
Labels
enhancement New feature or request postgrest Issues related to postgrest-py storage Issues related to storage-py

Comments

@tobias-scheepers

Describe the bug
After signing in a user using supabase-py, a user is correctly returned with its access_token etc. However, if I try to insert or select a row in a table with RLS enabled, it seems the client does not correctly send the requests as being authenticated by that user. Only the tables without RLS seem to be working. The error returned by supabase is:

postgrest_py.exceptions.APIError: {'message': 'new row violates row-level security policy for table "machines"', 'code': '42501', 'details': None, 'hint': None}

Is this currently not supported by supabase-py or is this indeed a bug? Also, if not supported, how would one best go about accessing secured tables (e.g. using postgres-py directly)?

To Reproduce
The minimal example below highlights this for systems

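```python
from supabase import create_client

# SUPABASE_URL, SUPABASE_KEY (the anon key), SUPABASE_MAIL and SUPABASE_PASS
# are defined elsewhere.
client = create_client(SUPABASE_URL, SUPABASE_KEY)
session = client.auth.sign_in(email=SUPABASE_MAIL, password=SUPABASE_PASS)
user = session.user

data = {
    "user_id": str(user.id)
}

# Fails with error 42501: the request still carries the anon key, not the user's token
response = client.table("examples").insert(data).execute()

client.auth.sign_out()
```
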
@anand2312
Contributor

Hi, using the signed-in user's bearer token has not yet been implemented. I am planning on getting to this soon-ish.
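Added example, not part of the original thread or of supabase-py: a small offline model of why the insert is rejected when the request carries the anon key instead of the user's access token. The tokens are constructed and unsigned, the claim layout (`role`, `sub`) follows Supabase-issued JWTs, and the policy `WITH CHECK (auth.uid() = user_id)` is an assumption, since the thread does not show the actual policy.

```python
import base64
import json


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_constructed_jwt(claims: dict) -> str:
    """Build a constructed demo token; the signature part is a dummy."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    return f"{header}.{payload}.constructed-signature"


def jwt_claims(token: str) -> dict:
    """Decode the payload WITHOUT verifying it (inspection only)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))


def auth_uid(bearer: str):
    """Model of auth.uid(): the 'sub' claim, or None (SQL NULL) if absent."""
    return jwt_claims(bearer).get("sub")


def insert_passes_rls(bearer: str, row: dict) -> bool:
    """Assumed policy: WITH CHECK (auth.uid() = user_id). NULL never matches."""
    uid = auth_uid(bearer)
    return uid is not None and uid == row.get("user_id")


USER_ID = "11111111-2222-3333-4444-555555555555"  # constructed sample value
ANON_KEY = make_constructed_jwt({"iss": "supabase", "role": "anon"})
ACCESS_TOKEN = make_constructed_jwt(
    {"aud": "authenticated", "role": "authenticated", "sub": USER_ID}
)
ROW = {"user_id": USER_ID}

if __name__ == "__main__":
    for name, token in (("anon key", ANON_KEY), ("access token", ACCESS_TOKEN)):
        claims = jwt_claims(token)
        print(name, claims.get("role"), auth_uid(token), insert_passes_rls(token, ROW))
```

Running `jwt_claims` on the bearer value a client actually sends is a quick way to confirm which role and user a request is authenticated as.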

@anand2312
Contributor

This needs some work to be done on postgrest-py first (as in, it isn't directly supported as such). I'm working on that right now, and it should be done by the end of this week, and when that's done we'll make a new release of postgrest-py and have it work here.

In the meantime you could do something along the lines of:

```python
client = create_client(SUPABASE_URL, SUPABASE_KEY)
session = client.auth.sign_in(email, password)

postgrest_client = client.postgrest
postgrest_client.auth(session.access_token)

# run queries
client.auth.sign_out()
postgrest_client.auth(SUPABASE_KEY)  # go back to using the anon key
```
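Added example, not part of the original comment or of supabase-py: the workaround above wrapped in a context manager, so the anon key is restored even when a query raises. `as_user`, `FakePostgrest` and `FakeClient` are hypothetical names; the fakes only record the bearer token so the block runs offline, and the only real call assumed is `client.postgrest.auth(token)` from the workaround.

```python
from contextlib import contextmanager


@contextmanager
def as_user(client, access_token: str, anon_key: str):
    """Send requests as the signed-in user, then always fall back to the anon key."""
    client.postgrest.auth(access_token)
    try:
        yield client
    finally:
        # Runs on success and on error, so a failed query cannot leave the
        # user's token installed for whoever uses this client next.
        client.postgrest.auth(anon_key)


class FakePostgrest:
    """Hypothetical stand-in that records the bearer token in use."""

    def __init__(self, key: str):
        self.bearer = key

    def auth(self, token: str) -> None:
        self.bearer = token


class FakeClient:
    def __init__(self, key: str):
        self.postgrest = FakePostgrest(key)


def demo():
    """Return the bearer in use inside the block and after a failing query."""
    anon, user = "constructed-anon-key", "constructed-user-access-token"
    client = FakeClient(anon)
    inside = None
    try:
        with as_user(client, user, anon) as c:
            inside = c.postgrest.bearer
            raise RuntimeError("query failed")  # simulated API error
    except RuntimeError:
        pass
    return inside, client.postgrest.bearer


if __name__ == "__main__":
    print(demo())
```

Because the workaround changes state on the client object, a client shared between concurrent requests for different users would still mix identities; a client per user or per request avoids that.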

@tobias-scheepers
Author

Thanks @anand2312, this clears things up indeed. The workaround works flawlessly in the meantime!

@anand2312 anand2312 self-assigned this Apr 22, 2022
@anand2312 anand2312 added the enhancement New feature or request label Apr 22, 2022
@anand2312 anand2312 added the postgrest Issues related to postgrest-py label May 14, 2022
@timreibe

timreibe commented Oct 18, 2022

+1, coming from #272

edit: I'd like to link #247, since this is an equal issue and to keep track of both!
@anand2312: can you add the storage tag as well?

@anand2312 anand2312 changed the title RLS not workinging after sign-in RLS not working after sign-in Oct 19, 2022
@anand2312 anand2312 added the storage Issues related to storage-py label Oct 21, 2022
@anand2312
Contributor

@timreibe 👍🏼 done. Perhaps this issue should be pinned for better visibility.

@nielsrolf

Are there any updates on this? :)

@J0
Collaborator

J0 commented Jan 23, 2023

Hey @nielsrolf,

Thanks for the query! Seems like this is related to #272 - let me pin the issue as well

@0xDeadcell

Any updates on this?

@0xDeadcell

> This needs some work to be done on postgrest-py first (as in, it isn't directly supported as such). I'm working on that right now, and it should be done by the end of this week, and when that's done we'll make a new release of postgrest-py and have it work here.
>
> In the meantime you could do something along the lines of:
>
> ```python
> client = create_client(SUPABASE_URL, SUPABASE_KEY)
> session = client.auth.sign_in(email, password)
>
> postgrest_client = client.postgrest
> postgrest_client.auth(session.access_token)
>
> # run queries
> client.auth.sign_out()
> postgrest_client.auth(SUPABASE_KEY)  # go back to using the anon key
> ```

How would this work if I'm using oauth (with google as a provider for example)?

@benjamin-kirkbride

I have the same question as @0xDeadcell

@ShantanuNair
Contributor

@anand2312 Hey, just checking up, can I now instantiate a supabase instance with an anon key? I don't want to use a username/pw.

@anand2312
Contributor

anand2312 commented Jul 13, 2023

> @anand2312 Hey, just checking up, can I now instantiate a supabase instance with an anon key?

You should be able to - does passing the anon key to create_client not work?

@lhausermann

This one-liner does the job:

```python
client.postgrest.auth(client.auth.get_session().access_token)
```

if client is the variable from `create_client`.

As @0xDeadcell mentioned, to have authentication work again after sign-out, restore the anon token for your Supabase project:

```python
client.postgrest.auth(SUPABASE_KEY)
```

@silentworks
Contributor

The latest v1.1.0 release of the supabase-py library fixes this issue.

@peter-voxana

peter-voxana commented Sep 30, 2023 via email
