Fabian Morón Zirfas
5th of May 2021
JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. (…) JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.
SUPABASE_ANON_KEY=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJzdXBhYmFzZSIsImlhdCI6MTYwMzk2ODgzNCwiZXhwIjoyNTUwNjUzNjM0LCJyb2xlIjoiYW5vbiJ9.36fUebxgx1mcBo4s19v0SzqmzunP--hm_hep0uLX0ew
SUPABASE_SERVICE_ROLE_KEY=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJzdXBhYmFzZSIsImlhdCI6MTYwMzk2ODgzNCwiZXhwIjoyNTUwNjUzNjM0LCJyb2xlIjoic2VydmljZV9yb2xlIn0.necIJaiP7X2T2QjGeV-FhpkizcNTX8HjDDBAxpgQTEI
JWT_SECRET=super-secret-jwt-token-with-at-least-32-characters-long
Checkout jwt.io
In addition to the SQL-standard privilege system available through GRANT, tables can have row security policies that restrict, on a per-user basis, which rows can be returned by normal queries or inserted, updated, or deleted by data modification commands.
The CREATE POLICY command defines a new row-level security policy for a table. Note that row-level security must be enabled on the table.
-- trigger
create function public.handle_new_user() returns trigger as $$ begin
insert into public.userprofiles (id)
values (new.id);
return new;
end;
$$ language plpgsql security definer;
-- trigger the function every time a user is created
create trigger on_auth_user_created
after
insert on auth.users for each row execute procedure public.handle_new_user();
prerequisites:
are still the defaults
SUPABASE_ANON_KEY=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJzdXBhYmFzZSIsImlhdCI6MTYwMzk2ODgzNCwiZXhwIjoyNTUwNjUzNjM0LCJyb2xlIjoiYW5vbiJ9.36fUebxgx1mcBo4s19v0SzqmzunP--hm_hep0uLX0ew
SUPABASE_SERVICE_ROLE_KEY=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJzdXBhYmFzZSIsImlhdCI6MTYwMzk2ODgzNCwiZXhwIjoyNTUwNjUzNjM0LCJyb2xlIjoic2VydmljZV9yb2xlIn0.necIJaiP7X2T2QjGeV-FhpkizcNTX8HjDDBAxpgQTEI
JWT_SECRET=super-secret-jwt-token-with-at-least-32-characters-long
DATABASE_URL=DATABASE_URL="postgresql://postgres:postgres@localhost:5432/postgres?schema=public"
.env
in the root of te repo.env
in next-iot-hub-api/dev-tools/next-iot-hub-db/
(DATABASE_URL
)and execute the scripts in next-iot-hub-api/dev-tools/local-supabase/docker/postgres/docker-entrypoint-initdb.d/
:
30-delete-cascades.sql
40-triggers-and-rls.sql
50-remote-procedure-calls.sql
60-categories.sql
for your attention.