feat(server-auth): Supabase web client implementation with middleware support #10522
@dac09 re: "The auth-provider cookie expiry time cannot be the same as access_token expiry. Are we OK with having it set to two weeks?" Maybe get the expiry of the Supabase token and add 1 day? 2 hrs?
…e-middleware-client * 'main' of github.com:redwoodjs/redwood: chore(server-auth): Automagic middleware auth on supported providers (dbAuth so far) (redwoodjs#10529) feat(baremetal): Add more details to error messages (redwoodjs#10527) feat(baremetal): Add verbose output to ssh exec (redwoodjs#10525) Fix typos in seo-head (`<Metadata />`) docs (redwoodjs#10526) chore(cli): Wrap NodeSSH to make sshExec an instance method (redwoodjs#10524) Fix broken Azure / MSAL documentation links (redwoodjs#10505) chore(deps): Stop using PR build of rehackt - use proper version (redwoodjs#10523) feat(og-gen): Implement middleware and hooks (redwoodjs#10469) RSC: Rename RSC CI test case (redwoodjs#10521) feat(eslint): Disable restricted $api imports for entryserver (redwoodjs#10520) RSC: Add RSC+SSR smoke test to CI (redwoodjs#10477) fix(dbauth-mw): Use response passed in to middleware (redwoodjs#10516)
…e-middleware-client * 'main' of github.com:redwoodjs/redwood: feat(auth): Implement Supabase Auth Middleware (redwoodjs#10499)
…e-middleware-client * 'main' of github.com:redwoodjs/redwood: chore(canary): Avoid `workspace:*` in published package.json files (redwoodjs#10532)
…dwood into feat/supabase-middleware-client * 'feat/supabase-middleware-client' of github.com:dac09/redwood: chore(deps): bump ejs from 3.1.9 to 3.1.10 (redwoodjs#10530)
Updated main and tested PR locally with Supabase test project and login, signup, wreath, profile, current user working with middleware and classic.
There is one failing CI test for Windows that I cannot reproduce locally on OSX:
[src/tests/AuthProvider.test.tsx > Custom auth provider > Authentication flow (logged out -> login -> logged in -> logout) works as expected: packages/auth/src/tests/AuthProvider.test.tsx#L220]
Looking at but unsure why.
The test in question expects the authToken:
to show "hunter2" but isn't present.
which comes from mockedTestAuthClient.getToken.mockReturnValue('hunter2')
This test passes on OSX
Otherwise LGTM for merging.
@dac09 I made some small changes to the AuthProvider test -- not sure if we keep them, but it now passed all CI. 🎉 Approved and can merge unless you decide to revert my changes.
Unsure if the changes to the AuthProvider test actually fixed CI or was just a coincidence.
Approved and can merge -- or @dac09 can revert if needed.
…dwood into feat/supabase-middleware-client * 'feat/supabase-middleware-client' of github.com:dac09/redwood: feat(RSC): Remove `entries.ts` file (redwoodjs#10533) testing to see if getToken is called Try to see if swapping getToken order mock passes Windows CI feat(server-auth): Refactor useReauthenticate to prevent double currentUser calls (redwoodjs#10531) chore(deps): update dependency rollup to v4.17.2 (redwoodjs#10346) fix(deps): update docusaurus monorepo to v3.2.1 (redwoodjs#10371)
Thanks for the updates @dthyresson - I changed the test to wait for the Running the CI a few times just to check, then will merge if all ok
Updates supabase auth client implementation to support middleware auth
In web/src/auth.ts:
TODO
Update dependencies
Expiry time. The auth-provider cookie expiry time cannot be the same as access_token expiry. Are we OK with having it set to two weeks?
What does getUserMetadata return in supabase vs dbAuth
Are we correct to assume userMetadata = currentUser in middleware auth (check useReauthenticate)
We get a double getCurrentUser in supabase auth, because of the above
See PR here: #10531
- [ ] Decide if we want to change the template for supabase auth in web/src/auth.ts. The supabase ssr client works with legacy redwood too, and our decoder is smart enough to switch to “cookie mode”
We're gonna do setup changes in a separate task. All changes are backwards compatible regardless of which client you are using!
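
The expiry question in the TODO above and in the review comment (access token expiry plus some slack, versus a fixed two weeks) can be sketched as follows. This is an added example, not code from this PR or from Redwood or Supabase; the function names, the `supabase` cookie value, the cookie attributes and the two-hour default are assumptions.

```javascript
// Added example: size the auth-provider cookie lifetime from the access token.
// All names and defaults are assumptions, not Redwood or Supabase code.
const TWO_WEEKS_S = 14 * 24 * 60 * 60; // upper bound discussed in the PR
const DEFAULT_GRACE_S = 2 * 60 * 60;   // the "2 hrs" slack suggested in the thread

// Read the `exp` claim (seconds since epoch) from a JWT WITHOUT verifying it.
// Only used to size a cookie lifetime; never treat this as authentication.
function readExp(jwt) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) return null;
  try {
    const payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
    return Number.isInteger(payload.exp) ? payload.exp : null;
  } catch {
    return null; // not base64url JSON
  }
}

// The cookie outlives the access token by `graceS` so a refresh can still find
// its provider, but is clamped to two weeks from now so an unverified or odd
// `exp` value cannot mint a long-lived cookie.
function authProviderCookie(jwt, nowS, graceS = DEFAULT_GRACE_S) {
  const exp = readExp(jwt);
  // Missing, malformed or already-expired token: grant the grace period only.
  const wanted = exp !== null && exp > nowS ? exp + graceS : nowS + graceS;
  const expiresS = Math.min(wanted, nowS + TWO_WEEKS_S);
  return {
    expiresS,
    header: [
      'auth-provider=supabase',
      `Expires=${new Date(expiresS * 1000).toUTCString()}`,
      'Path=/', 'Secure', 'SameSite=Lax',
    ].join('; '),
  };
}

// Constructed sample token: unsigned, only the payload matters here.
function sampleJwt(exp) {
  const b64 = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  return `${b64({ alg: 'none' })}.${b64({ sub: 'user-1', exp })}.sig`;
}
```
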