Thanks for tuning in! Make sure to check out the docs: supabase.com/docs/guides/auth/custom-claims-and-role-based-access-control-rbac? And you can find the code on GitHub: github.com/supabase/supabase/tree/master/examples/slack-clone/nextjs-slack-clone
@skillsvsdegree6139
6 ай бұрын
Thank you so much
@carlosricardoziegler2650
6 ай бұрын
What is the good approach to change claims from a user and get changes in realtime ?
@nipperstyx
6 ай бұрын
Small tangent, perhaps, but what was the approach to determine which channels were available to delete for the moderator role in the UI? The trash icon existed for just the one available to delete. Presumably that's using the same rules as RLS for the delete, but are those rules duplicated into a function your UI is using?
@skillsvsdegree6139
6 ай бұрын
Perfect timing for me, This is what I need for my website now, Do you have the videos of how you developed this chat app that you showed in the video? Thank you
@thorwebdev
6 ай бұрын
You mean a video of live coding the entire Slack clone?
@skillsvsdegree6139
6 ай бұрын
@@thorwebdev Yes. I have seen their video stream of happy hours few months ago and it made me start my own website. now i have launched it. but it's bit old, Is there a entire slack clone video like that? can you give the link if it there?
@skillsvsdegree6139
6 ай бұрын
Oh i didn't notice, it's you Thor, you were in that stream right? i think came only in one video :) they were joking about Hammer, it was such a wonderful stream, made me start my own website and i started to learn react and now my website is live, but need soooo many improvements to make. love you guys. Thanks Thor
@hago7568
4 ай бұрын
Is there an update for the app router? I am trying to do this in the middleware but can't get it to work
@sandeepyadav4508
9 сағат бұрын
Hi , i have used the same steps. Still i am not getting user_role in jwt, can someone help
@GabrielFernandes-bc7se
Ай бұрын
Does the impersonate method work correctly with this? Imagine that we have two policies: - one to get the user's own messages (individual select) - one to get every message (for admin users) I tried it and technically it works but it does not work when I'm impersonating... Is there anything missing? Does the auth hook run on impersonate? I don't feel confident enough by testing these policies in development but not being able to test them using impersonate.
@niccolofontana1049
3 ай бұрын
Nice video! Thank you 😊 I am wondering why you don’t enable this feature by default, like Auth0 does, but we have to actually write a bunch of stuff in our project following a documentation page
@derekjwilliams
4 ай бұрын
Great stuff, I was wondering what the Supabase team thinks of services like Cerbos for RBAC, ABAC
@tej_777_
6 ай бұрын
This is amazing been wanting to implement such functionality , nice to see a tutorial on this. Wonder if it works well with graphql too ?
@Supabase
6 ай бұрын
Yes, GraphQL fully supports this approach also 👍
@nikitastriuk
6 ай бұрын
Thanks! What if user could be part of multiple organizations and have different roles within them? Struggling with implementing this - will appreciate any advice.
@syedfaysel
5 ай бұрын
I have the similar query. Let me know if anyone have any good idea
@johngn1978
3 ай бұрын
same problem here, did you find any solution?
@haraldlons
3 ай бұрын
I'm wondering about the same
@alexizhernandez8011
3 ай бұрын
same here. anyone ever figure out a good way? Edit: An approach I was thinking maybe was refetching the token based on the organization instance. For example, you can have their meta data something like this { "org": "org-id", "role": "user", "additional_permissions": [] } and on the client side, if they change between orgs somehow, that can trigger a session refresh with somehow passing in the org id that they wish to switch to?
@matthewbeardsley7004
Ай бұрын
your user_roles table could have an organisation_id column, so then you should be able to do different organisations with different roles
@mehmethanifierenler3612
23 күн бұрын
thanks
@АлибекБилалов-н4я
4 ай бұрын
Question how can I create custom access token if I deployed supabase in self hosting docker? I'm trying to create a Hook: Custom access token but I can't get it to work... Supabase I deployed in self-hosting version. The documentation says to add fields to config.toml I found it in supabase/supabase/config.toml . But as I understand it is not what I need. Question how can I create custom access token if I deployed supabase in self hosting docker ?
@belmo_
5 ай бұрын
Just tried using this approach adding a custom claim (is_admin) to the JWT in a NextJS 14 but it just keep running into an Error -> AuthApiError: Error invoking access token hook
@jonathangamble
6 ай бұрын
If custom claims still reads from the database, how is this faster than just using RLS directly?
@Supabase
6 ай бұрын
The Auth Hook is only triggered when a token is issued rather than the RLS policy triggering for each API call. So there is a bit of optimization here.
@Rexhibition
5 ай бұрын
@@Supabasehi, I am a beginner so the RLS is easier for me to control. Would the optimization really make a difference in term of performance and security? Or controlling the RLS directly is sufficient. Thank you.
@VOVOPERADOR
4 ай бұрын
this saved me
@Tanner-cz4bd
6 ай бұрын
Supabase with drizzle ? Or local dev ?
@zeeeeeman
3 ай бұрын
Noob question: why a public.users table? Why not use auth.users?
@Justin-oo2xt
3 ай бұрын
You can’t query auth.users using the Javascript client
@flowmv
2 ай бұрын
@@Justin-oo2xt why do we need to query auth.users anyway when the cookie/jwt will be stored locally in the browser?
@zeeeeeman
2 ай бұрын
@@flowmv I was thinking about trying to get all the users out of the auth table.
@devdariill
6 ай бұрын
nice 9:34 mins, how to learn more about it.
@HijabiCoder
6 ай бұрын
Always pronounced it Ree-back 😅
@skillsvsdegree6139
6 ай бұрын
Have you developed any personal websites with this? can i see? Thank you.
Пікірлер: 37