diff --git a/apps/website/app/utils/supabase/client.ts b/apps/website/app/utils/supabase/client.ts deleted file mode 100644 index 430714c3c..000000000 --- a/apps/website/app/utils/supabase/client.ts +++ /dev/null @@ -1,14 +0,0 @@ -import { createClient as createSupabaseClient } from "@supabase/supabase-js"; -import type { Database } from "@repo/database/dbTypes"; - -// Inspired by https://supabase.com/ui/docs/nextjs/password-based-auth - -export const createClient = () => { - const url = process.env.SUPABASE_URL; - const key = process.env.SUPABASE_ANON_KEY; - - if (!url || !key) { - throw new Error("Missing required Supabase environment variables"); - } - return createSupabaseClient(url, key); -}; diff --git a/apps/website/app/utils/supabase/middleware.ts b/apps/website/app/utils/supabase/middleware.ts index 35ee1e6ee..1854e5c52 100644 --- a/apps/website/app/utils/supabase/middleware.ts +++ b/apps/website/app/utils/supabase/middleware.ts @@ -2,6 +2,9 @@ import { createServerClient } from "@supabase/ssr"; import { NextResponse, type NextRequest } from "next/server"; import { envContents } from "@repo/database/dbDotEnv"; +// This would allow to create Next pages gated by a login middleware, +// as described here: https://nextjs.org/docs/app/api-reference/file-conventions/middleware +// Not usable yet, waiting for ENG-373 // Inspired by https://supabase.com/ui/docs/nextjs/password-based-auth export const updateSession = async (request: NextRequest) => { @@ -17,10 +20,8 @@ export const updateSession = async (request: NextRequest) => { const supabase = createServerClient(supabaseUrl, supabaseKey, { cookies: { - getAll() { - return request.cookies.getAll(); - }, - setAll(cookiesToSet) { + getAll: () => request.cookies.getAll(), + setAll: (cookiesToSet) => { cookiesToSet.forEach(({ name, value }) => request.cookies.set(name, value), ); diff --git a/apps/website/app/utils/supabase/server.ts b/apps/website/app/utils/supabase/server.ts index 357c7c9f7..080a8ca86 100644 --- a/apps/website/app/utils/supabase/server.ts +++ b/apps/website/app/utils/supabase/server.ts @@ -3,6 +3,7 @@ import { cookies } from "next/headers"; import type { Database } from "@repo/database/dbTypes"; import { envContents } from "@repo/database/dbDotEnv"; +// This is a supabase client to be used in a server process such as NextJS // Inspired by https://supabase.com/ui/docs/nextjs/password-based-auth export const createClient = async () => { @@ -18,16 +19,16 @@ export const createClient = async () => { // following https://supabase.com/docs/guides/auth/server-side/creating-a-client?queryGroups=environment&environment=server return createServerClient(supabaseUrl, supabaseKey, { cookies: { - getAll() { + getAll: () => { return cookieStore.getAll(); }, - setAll( + setAll: ( cookiesToSet: { name: string; value: string; options: CookieOptions; }[], - ) { + ) => { try { cookiesToSet.forEach( ({ diff --git a/packages/database/supabase/functions/create-space/index.ts b/packages/database/supabase/functions/create-space/index.ts index 7c82ab120..345c02176 100644 --- a/packages/database/supabase/functions/create-space/index.ts +++ b/packages/database/supabase/functions/create-space/index.ts @@ -220,6 +220,9 @@ Deno.serve(async (req) => { headers: { "Content-Type": "application/json" }, }); } + // note: If we wanted this to be bound by permissions, we'd set the following options: + // { global: { headers: { Authorization: req.headers.get('Authorization')! } } } + // But the point here is to bypass RLS const supabase: DGSupabaseClient = createClient(url, key); const { data, error } = await processAndGetOrCreateSpace(supabase, input);