Restrict Access to Authenticated Users with Supabase RLS Policies
InstructorJon Meyers
Published a year ago
Updated a year ago
Since we're using Supabase to authenticate our users, it knows who our user is throughout the rest of the Supabase environment.
In this lesson, we modify our Row Level Security (RLS) policy to only apply to the authenticated role to ensure that only authenticated users can select tweets.
Additionally, we use the useRouter hook and router.refresh() to run our Server Component again and fetch fresh data from Supabase, after the user signs in or out.
Code Snippets
Enable authenticated read access with RLS policy
create policy "anyone can select tweets" ON "public"."tweets"
as permissive for select
to authenticated
using (true);
Resources
codsworth
~ a year ago
Markdown supported.
Become a member to join the discussionEnroll Today
Does this work when running supabase locally?
I've added the github provider to the supabase/config.toml. [auth.external.github] enabled = true client_id = "env(SUPABASE_AUTH_GITHUB_CLIENT_ID)" secret = "env(SUPABASE_AUTH_GITHUB_SECRET)" redirect_uri = "http://localhost:54321/auth/v1/callback"
But updating the policy don't seem to allow my github authenticated user to see the tweets?