Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(server-auth): Supabase web client implementation with middleware support #10522

Merged
merged 27 commits into from May 3, 2024
Merged

feat(server-auth): Supabase web client implementation with middleware support #10522

merged 27 commits into from May 3, 2024

Conversation

dac09
Copy link
Collaborator

@dac09 dac09 commented Apr 26, 2024
edited

Updates supabase auth client implementation to support middleware auth

In web/src/auth.ts:

// 👇 notice where this is imported from! 
import { createBrowserClient } from '@supabase/ssr'

import { createAuth } from '@redwoodjs/auth-supabase-web'

const supabaseClient = createBrowserClient(
  process.env.SUPABASE_URL || '',
  process.env.SUPABASE_KEY || ''
)

export const { AuthProvider, useAuth } = createAuth(supabaseClient)
  • moves some types, and getCurrentUserFromMiddleware function to a common place so it can be shared with multiple auth implementations

TODO

  • Update dependencies

  • Expiry time. The auth-provider cookie expiry time cannot be the same as access_token expiry. Are we OK with having it set to two weeks?

  • What does getUserMetadata return in supabase vs dbAuth

  • Are we correct to assume userMetadata = currentUser in middleware auth (check useReauthenticate)

  • We get a double getCurrentUser in supabase auth, because of the above

See PR here: #10531

- [ ] Decide if we want to change the template for supabase auth in web/src/auth.ts. The supabase ssr client works with legacy redwood too, and our decoder is smart enough to switch to “cookie mode”
We're gonna do setup changes in a separate task. All changes are backwards compatible regardless of which client you are using!

  • Add more unit tests

@dac09 dac09 added this to the SSR milestone Apr 30, 2024
@dac09 dac09 added the release:feature This PR introduces a new feature label Apr 30, 2024
@dthyresson
Copy link
Contributor

@dac09 re: "The auth-provider cookie expiry time cannot be the same as access_token expiry. Are we OK with having it set to two weeks?"

Maybe get the expiry of the Supabase token and add 1 day? 2 hrs?

dac09 added 11 commits May 1, 2024 18:25
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into feat/supabas…
cf1f7bb 
…e-middleware-client

* 'main' of github.com:redwoodjs/redwood:
  chore(server-auth): Automagic middleware auth on supported providers (dbAuth so far) (redwoodjs#10529)
  feat(baremetal): Add more details to error messages (redwoodjs#10527)
  feat(baremetal): Add verbose output to ssh exec (redwoodjs#10525)
  Fix typos in seo-head (`<Metadata />`) docs (redwoodjs#10526)
  chore(cli): Wrap NodeSSH to make sshExec an instance method (redwoodjs#10524)
  Fix broken Azure / MSAL documentation links (redwoodjs#10505)
  chore(deps): Stop using PR build of rehackt - use proper version (redwoodjs#10523)
  feat(og-gen): Implement middleware and hooks (redwoodjs#10469)
  RSC: Rename RSC CI test case (redwoodjs#10521)
  feat(eslint): Disable restricted $api imports for entryserver (redwoodjs#10520)
  RSC: Add RSC+SSR smoke test to CI (redwoodjs#10477)
  fix(dbauth-mw): Use response passed in to middleware (redwoodjs#10516)
@dac09
Mock RWJS_ENV
585fbe5
@dac09
Cleanup
2ac37af
@dac09
Bit of cleanup: only run middleware things when middleware enabled
18ab864
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into feat/supabas…
31b2de9 
…e-middleware-client

* 'main' of github.com:redwoodjs/redwood:
  feat(auth): Implement Supabase Auth Middleware (redwoodjs#10499)
@dac09
Use Supabase's default cookie options
7b2a761
@dac09
Supabase middleware changes
131b8c1
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into feat/supabas…
64455f7 
…e-middleware-client

* 'main' of github.com:redwoodjs/redwood:
  chore(canary): Avoid `workspace:*` in published package.json files (redwoodjs#10532)
@dac09
Update types in test
7db74fc
@dac09
Refactor client tests so mocks can be shared
514e45f
@dac09
Add tests for middleware supabase client
2d92aa1
@dac09 dac09 marked this pull request as ready for review May 2, 2024 15:23
@dthyresson dthyresson self-requested a review May 2, 2024 18:53
dthyresson
dthyresson reviewed May 2, 2024
View reviewed changes
Copy link
Contributor

@dthyresson dthyresson left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated main and tested PR locally with Supabase test project and login, signup, wreath, profile, current user working with middleware and classic.

There is one failing CI test for Windows that I cannot reproduce locally on OSX:

[src/tests/AuthProvider.test.tsx > Custom auth provider > Authentication flow (logged out -> login -> logged in -> logout) works as expected: packages/auth/src/tests/AuthProvider.test.tsx#L220]

Looking at but unsure why.

The test in question expects the authToken: to show "hunter2" but isn't present.

image

which comes from mockedTestAuthClient.getToken.mockReturnValue('hunter2')

This test passes on OSX

Otherwise LGTM for merging.

@dthyresson
Copy link
Contributor

@dac09 I made some small changes to the AuthProvider test -- not sure if we keep them, but it now passed all CI. 🎉

Approved and can merge unless you decide to revert my changes.

@dthyresson dthyresson self-requested a review May 2, 2024 20:39
dthyresson
dthyresson approved these changes May 2, 2024
View reviewed changes
Copy link
Contributor

@dthyresson dthyresson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unsure if the changes to the AuthProvider test actually fixed CI or was just a coincidence.

Approved and can merge -- or @dac09 can revert if need.

dac09 added 4 commits May 3, 2024 15:08
@dac09
Merge branch 'main' into feat/supabase-middleware-client
60c8fa4
@dac09
Update authprovider test to make it less flakey
101ba6f
@dac09
Merge branch 'feat/supabase-middleware-client' of github.com:dac09/re…
18268a7 
…dwood into feat/supabase-middleware-client

* 'feat/supabase-middleware-client' of github.com:dac09/redwood:
  feat(RSC): Remove `entries.ts` file (redwoodjs#10533)
  testing to see if getToken is called
  Try to see if swapping getToken order mock passes Windows CI
  feat(server-auth): Refactor useReauthenticate to prevent double currentUser calls (redwoodjs#10531)
  chore(deps): update dependency rollup to v4.17.2 (redwoodjs#10346)
  fix(deps): update docusaurus monorepo to v3.2.1 (redwoodjs#10371)
@dac09
Merge branch 'main' into feat/supabase-middleware-client
4c9e559
@dac09
Copy link
Collaborator Author

dac09 commented May 3, 2024
edited

Thanks for the updates @dthyresson - I changed the test to wait for the getToken text on the page... because I suspect what happens on windows is that the Logout button appears, and then the page updates again with "hunter2"

Running the CI a few times just to check, then will merge if all ok

@dac09 dac09 merged commit 9afca37 into redwoodjs:main May 3, 2024
46 checks passed
@dac09 dac09 deleted the feat/supabase-middleware-client branch May 3, 2024 09:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dthyresson dthyresson dthyresson approved these changes

Assignees
No one assigned
Labels
release:feature This PR introduces a new feature
Projects
Bighorn Development
Archived in project
Milestone
SSR
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@dac09 @dthyresson