Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(auth): Implement Supabase Auth Middleware #10499

Merged
merged 36 commits into from May 1, 2024
Merged

feat(auth): Implement Supabase Auth Middleware #10499

merged 36 commits into from May 1, 2024

Conversation

dthyresson
Copy link
Contributor

@dthyresson dthyresson commented Apr 22, 2024
edited

Addresses https://github.com/orgs/redwoodjs/projects/18/views/1?pane=issue&itemId=59186951

Implement Supabase Auth Middleware to authenticate server-side requests.

  • Adds middleware to the Supabase auth-providers package.
  • createSupabaseAuthMiddleware is responsible for authenticating Supabase requests
  • It does so by checking if the request has a supabase auth-provider header, and then uses the authDecoder to verify the session cookie using the Supabase ServerAuthClient and returning a decoded access token -- or throwing an exception if the session cookie is invalid
  • Once the middleware has the decoded JWT, it hands that to the provided getCurrentUser from he user's project to return the information about authenticated user
  • Lastly, it sets serverAuthContext with user and metadata info to know the request isAuthenticated
  • If the session is invalid or the cookie tampered with such that the access token cannot be verified, serverAuthContext is cleared as are the auth provider and Supabase cookies

@dthyresson dthyresson self-assigned this Apr 22, 2024
@dthyresson dthyresson added the release:feature This PR introduces a new feature label Apr 22, 2024
@dthyresson dthyresson added this to the next-release milestone Apr 22, 2024
@dthyresson dthyresson changed the title DRAFT: feat(auth): Implement Supabase Auth Middleware feat(auth): Implement Supabase Auth Middleware Apr 30, 2024
@dthyresson dthyresson marked this pull request as ready for review April 30, 2024 14:35
@dthyresson dthyresson requested a review from dac09 April 30, 2024 14:35
dac09
dac09 reviewed May 1, 2024
View reviewed changes
.changesets/10499.md Outdated Show resolved Hide resolved
dac09 and others added 5 commits May 1, 2024 16:40
@dac09
Update currentUser response
f3e333c
@dac09
Merge branch 'dt-auth-supabase-middleware' of github.com:redwoodjs/re…
2d992c0 
…dwood into dt-auth-supabase-middleware

* 'dt-auth-supabase-middleware' of github.com:redwoodjs/redwood:
  Update packages/auth-providers/supabase/middleware/README.md
@dthyresson
Update api config per feedback
ca55b3b
@dthyresson
to test for proper cookie expiration, need details for options
c8bcb9f
@dthyresson
Better changeset
3c4f5d7
@dthyresson dthyresson requested a review from dac09 May 1, 2024 12:32
dac09
dac09 approved these changes May 1, 2024
View reviewed changes
Copy link
Collaborator

@dac09 dac09 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@dac09 dac09 enabled auto-merge (squash) May 1, 2024 14:12
@dac09 dac09 disabled auto-merge May 1, 2024 14:20
@dac09 dac09 enabled auto-merge (squash) May 1, 2024 14:20
@dac09 dac09 merged commit 50ad4f4 into main May 1, 2024
46 checks passed
@dac09 dac09 deleted the dt-auth-supabase-middleware branch May 1, 2024 14:31
dac09 added a commit to dac09/redwood that referenced this pull request May 1, 2024
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into feat/supabas…
31b2de9 
…e-middleware-client

* 'main' of github.com:redwoodjs/redwood:
  feat(auth): Implement Supabase Auth Middleware (redwoodjs#10499)
@Josh-Walker-GM Josh-Walker-GM modified the milestones: next-release, SSR May 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dac09 dac09 dac09 approved these changes

Assignees

@dthyresson dthyresson

Labels
release:feature This PR introduces a new feature
Projects
Bighorn Development
Archived in project
Milestone
SSR
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@dthyresson @dac09 @Josh-Walker-GM