import { PermissionAction } from '@supabase/shared-types/out/constants' import { JwtSecretUpdateStatus } from '@supabase/shared-types/out/events' import Link from 'next/link' import { useState } from 'react' import { useParams } from 'common/hooks' import SimpleCodeBlock from 'components/to-be-cleaned/SimpleCodeBlock' import Panel from 'components/ui/Panel' import { useJwtSecretUpdatingStatusQuery } from 'data/config/jwt-secret-updating-status-query' import { useProjectApiQuery } from 'data/config/project-api-query' import { useCheckPermissions } from 'hooks/misc/useCheckPermissions' import { IconAlertCircle, IconLoader, Input } from 'ui' const generateInitSnippet = (endpoint: string) => ({ js: ` import { createClient } from '@supabase/supabase-js' const supabaseUrl = '${endpoint}' const supabaseKey = process.env.SUPABASE_KEY const supabase = createClient(supabaseUrl, supabaseKey)`, dart: ` const supabaseUrl = '${endpoint}'; const supabaseKey = String.fromEnvironment('SUPABASE_KEY'); Future main() async { await Supabase.initialize(url: supabaseUrl, anonKey: supabaseKey); runApp(MyApp()); }`, }) const APIKeys = () => { const { ref: projectRef } = useParams() const availableLanguages = [ { name: 'Javascript', key: 'js' }, { name: 'Dart', key: 'dart' }, ] const [selectedLanguage, setSelectedLanguage] = useState(availableLanguages[0]) const { data: settings, isError: isProjectSettingsError, isLoading: isProjectSettingsLoading, } = useProjectApiQuery({ projectRef, }) const { data, isError: isJwtSecretUpdateStatusError, isLoading: isJwtSecretUpdateStatusLoading, } = useJwtSecretUpdatingStatusQuery({ projectRef }) const jwtSecretUpdateStatus = data?.jwtSecretUpdateStatus const canReadAPIKeys = useCheckPermissions(PermissionAction.READ, 'service_api_keys') // Get the API service const apiService = settings?.autoApiService const apiKeys = apiService?.service_api_keys ?? [] // API keys should not be empty. However it can be populated with a delay on project creation const isApiKeysEmpty = apiKeys.length === 0 const isNotUpdatingJwtSecret = jwtSecretUpdateStatus === undefined || jwtSecretUpdateStatus === JwtSecretUpdateStatus.Updated const apiUrl = `${apiService?.protocol ?? 'https'}://${apiService?.endpoint ?? '-'}` const anonKey = apiKeys.find((key) => key.tags === 'anon') const clientInitSnippet: any = generateInitSnippet(apiUrl) const selectedLanguageSnippet = clientInitSnippet[selectedLanguage.key] ?? 'No snippet available' return (
Project API

Your API is secured behind an API gateway which requires an API Key for every request.
You can use the parameters below to use Supabase client libraries.

} > {isProjectSettingsError || isJwtSecretUpdateStatusError ? (

{isProjectSettingsError ? 'Failed to retrieve API keys' : 'Failed to update JWT secret'}

) : isApiKeysEmpty || isProjectSettingsLoading || isJwtSecretUpdateStatusLoading ? (

{isProjectSettingsLoading || isApiKeysEmpty ? 'Retrieving API keys' : 'JWT secret is being updated'}

) : ( <>

API Key

{anonKey?.tags?.split(',').map((x: any, i: number) => ( {x} ))} {'public'}
} copy={canReadAPIKeys && isNotUpdatingJwtSecret} reveal={anonKey?.tags !== 'anon' && canReadAPIKeys && isNotUpdatingJwtSecret} value={ !canReadAPIKeys ? 'You need additional permissions to view API keys' : jwtSecretUpdateStatus === JwtSecretUpdateStatus.Failed ? 'JWT secret update failed, new API key may have issues' : jwtSecretUpdateStatus === JwtSecretUpdateStatus.Updating ? 'Updating JWT secret...' : apiService?.defaultApiKey } onChange={() => {}} descriptionText={

This key is safe to use in a browser if you have enabled Row Level Security (RLS) for your tables and configured policies. You may also use the service key which can be found{' '} here {' '} to bypass RLS.

} />
{availableLanguages.map((language) => { const isSelected = selectedLanguage.key === language.key return (
setSelectedLanguage(language)} > {language.name}
) })}
{selectedLanguageSnippet}
)}
) } export default APIKeys