Supabase RLS docs refer to "user" in session callback #12605

Open
ramifara opened this issue Feb 4, 2025 · 0 comments
Labels
triage Unseen or unconfirmed by a maintainer yet. Provide extra information in the meantime.

ramifara commented Feb 4, 2025

What is the improvement or update you wish to see?

In the Supabase adapter docs, when guiding on how to implement RLS, in this example code

```js
callbacks: {
    async session({ session, user }) {
      const signingSecret = process.env.SUPABASE_JWT_SECRET
      if (signingSecret) {
        const payload = {
          aud: "authenticated",
          exp: Math.floor(new Date(session.expires).getTime() / 1000),
          sub: user.id,
          email: user.email,
          role: "authenticated",
        }
        session.supabaseAccessToken = jwt.sign(payload, signingSecret)
      }
      return session
    },
  },
```

The docs say that there is a user prop which then gets used for making supabaseAccessToken, but this callback in my code only returns session and token.

Is there any context that might help us understand?

I am using Google as provider and have a split setup to be able to use JWT in edge.

This way of doing it worked for me.

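```js
import NextAuth from "next-auth";
import { SupabaseAdapter } from "@auth/supabase-adapter";
import jwt from "jsonwebtoken";
// authConfig is the other half of the split setup; its import is not shown in the post.

export const { auth, handlers, signIn, signOut } = NextAuth({
  session: { strategy: "jwt" },
  adapter: SupabaseAdapter({
    url: process.env.SUPABASE_URL,
    secret: process.env.SUPABASE_SERVICE_ROLE_KEY,
  }),
  callbacks: {
    // Here the callback is given `token`, so the claims are read from it instead of `user`.
    async session({ session, token }) {
      const signingSecret = process.env.SUPABASE_JWT_SECRET;
      if (signingSecret) {
        const payload = {
          aud: "authenticated",
          exp: Math.floor(new Date(session.expires).getTime() / 1000),
          sub: token.sub,
          email: token.email,
          role: "authenticated",
        };
        session.supabaseAccessToken = jwt.sign(payload, signingSecret);
      }
      return session;
    },
  },
  ...authConfig,
});
```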

I am not sure if the token/user issue only applies to Google or if it is the same with other providers; I did not check any other ones.

Does the docs page already exist? Please link to it.

https://authjs.dev/getting-started/adapters/supabase?framework=next-js

@ramifara ramifara added the triage Unseen or unconfirmed by a maintainer yet. Provide extra information in the meantime. label Feb 4, 2025
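
The claim mapping discussed in this issue, as an added example that is not part of the original post or of the Auth.js docs: it reads the subject from `user` or `token`, whichever the session callback receives (Auth.js passes `user` with database sessions and `token` with `strategy: "jwt"`), and refuses to sign when neither carries an id. The function names and sample inputs are constructed for illustration, and HS256 signing is done with `node:crypto` as a stand-in for the `jsonwebtoken` package.

```javascript
// Added example: not Auth.js or Supabase code. All names here are hypothetical.
const { createHmac } = require("node:crypto");

const b64url = (value) => Buffer.from(value).toString("base64url");

// Minimal compact HS256 JWT, standing in for jwt.sign(payload, secret).
function signHS256(payload, secret) {
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify(payload));
  const sig = createHmac("sha256", secret).update(`${head}.${body}`).digest("base64url");
  return `${head}.${body}.${sig}`;
}

// Build the claims from whichever argument the session callback received:
// `user` (database sessions) or `token` (strategy: "jwt").
function supabaseClaims({ session, user, token }) {
  const sub = user?.id ?? token?.sub;
  const email = user?.email ?? token?.email;
  const exp = Math.floor(new Date(session.expires).getTime() / 1000);
  // Fail closed: a token without a subject gives RLS policies no user id to match.
  if (typeof sub !== "string" || sub.length === 0) {
    throw new Error("no user id in session callback arguments");
  }
  if (!Number.isFinite(exp)) throw new Error("session.expires is not a valid date");
  return { aud: "authenticated", exp, sub, email, role: "authenticated" };
}

// Body of a session callback: attach the token only when a signing secret is set.
function withSupabaseToken(args, signingSecret) {
  if (signingSecret) {
    args.session.supabaseAccessToken = signHS256(supabaseClaims(args), signingSecret);
  }
  return args.session;
}

// Decode the payload for inspection (no signature check).
function readClaims(jwtString) {
  return JSON.parse(Buffer.from(jwtString.split(".")[1], "base64url").toString("utf8"));
}

// Constructed sample inputs: one JWT-strategy call, one database-strategy call.
const SECRET = "constructed-test-secret";
const expires = "2030-01-01T00:00:00.000Z";
const jwtCase = withSupabaseToken(
  { session: { expires }, token: { sub: "u-123", email: "a@example.com" } }, SECRET);
const dbCase = withSupabaseToken(
  { session: { expires }, user: { id: "u-456", email: "b@example.com" } }, SECRET);
console.log(readClaims(jwtCase.supabaseAccessToken).sub, readClaims(dbCase.supabaseAccessToken).sub);
```
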