clarification on setting session using token

Question

clarification on setting session using token

johndpope opened this issue 2 years ago · 8 comments

Answer 1 · 2022-11-19T21:45:46.000Z

there is an AuthClient class that has a method called get_client_with_access_token() but like you I am not sure how to instantiate this and use it. This repo would benefit greatly with an example of setting the session using the token in the readme or the fastAPI example folder.

+1 on this!!

Answer 2 · 2023-01-23T08:01:05.000Z

Hey team,

Thanks for the query! Will note the request for an example in the README or an example elsewhere

Answer 3 · 2023-01-29T15:05:52.000Z

Agreed that we should probably try to do a FastAPI Auth tutorial sometime. Going to move this to gotrue-py for better tracking

Answer 4 · 2023-12-28T16:21:56.000Z

Closing this out as there has been no activity on this issue and I think this is no longer an issue.

Answer 5 · 2023-12-28T20:38:32.000Z

all good with this helper now thanks -
supabase/supabase-py#616

Answer 6 · 2023-12-29T05:29:13.000Z

curious - when setting a session with access_token, do RLS policies apply?

Answer 7 · 2023-12-29T19:50:29.000Z

naturally / logic is all server side. there's libraries that can talk with postgres directly that maybe suitable for bypassing RLS.

Answer 8 · 2023-12-29T20:24:26.000Z

When I first left my comment here on Nov 19, 2022, I dropped using supabase because the python client did not respect RLS.

I write a lot of JS frontend, which has outstanding support for supabase (the library is fantastic) but never solved this RLS issue and never revisited to see if it was solved.

Basically, if user passes their JWT to my python server, I wanted the RLS policies to apply.

I had the same issue as this person:
supabase/supabase-py#616