lywsvip/supabase
1
0
Fork 0
mirror of https://github.com/supabase/supabase.git synced 2026-06-01 02:14:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
create-pull-request/patch
supabase/apps/docs/content/guides/functions/auth-legacy-jwt.mdx
Kalleby Santos 0a8e264102 feat(docs): edge functions JWT Signing Keys guide (#41444) 
* feat: edge functions legacy jwt auth guide

* stamp: adding `verify_jwt` disclaimer

* stamp: manual verify jwt example

* stamp: improving example

* stamp: improve supabase auth example

* feat: adding signing keys to jwt templates

* stamp: cleaning

* stamp: applying mdx-lint

* stamp: format

* stamp: applying ai suggestions

* stamp: improving jwt lib example

* stamp: cleaning

* stamp: typo

* stamp: applying suggestions

* stamp: applying suggestions

* stamp: applying improvements suggestions

* stamp: ponctuation typo

* stamp: ponctuation typo

* Update apps/docs/content/guides/functions/auth.mdx

* Update apps/docs/content/guides/functions/auth.mdx

* Apply suggestions from code review

* Update apps/docs/content/guides/functions/auth.mdx

* Update apps/docs/content/guides/functions/auth.mdx

* Update apps/docs/content/guides/functions/auth.mdx

* Update apps/docs/content/guides/functions/auth.mdx

---------

Co-authored-by: Chris Chinchilla <chris.ward@supabase.io>
Co-authored-by: Chris Chinchilla <chris@chrischinchilla.com>
2026-01-05 14:29:02 +01:00

95 lines
2.6 KiB
Plaintext
Raw Permalink Blame History

---
id: 'auth-legacy-jwt'
title: 'Integrating With Supabase Auth'
description: 'Supabase Edge Functions and Auth.'
subtitle: 'Integrate Supabase Auth with Edge Functions'
---
Edge Functions work with [Supabase Auth](/docs/guides/auth).
This allows you to:
- Automatically identify users through Legacy JWT tokens
- Enforce Row Level Security policies
- Integrate with your existing auth flow
## Setting up auth context
When a user makes a request to an Edge Function, you can use the `Authorization` header to set the Auth context in the Supabase client and enforce Row Level Security policies.
```js
import { createClient } from 'npm:@supabase/supabase-js@2'
Deno.serve(async (req: Request) => {
const supabaseClient = createClient(
Deno.env.get('SUPABASE_URL') ?? '',
Deno.env.get('SUPABASE_ANON_KEY') ?? '',
// Create client with Auth context of the user that called the function.
// This way your row-level-security (RLS) policies are applied.
{
global: {
headers: { Authorization: req.headers.get('Authorization')! },
},
}
);
//...
})
```
<Admonition type="tip">
This context setting happens in the `Deno.serve()` callback argument, so that the `Authorization` header is set for each individual request scope.
</Admonition>
---
## Fetching the user
By getting the JWT from the `Authorization` header, you can provide the token to `getUser()` to fetch the user object to obtain metadata for the logged in user.
```js
Deno.serve(async (req: Request) => {
// ...
const authHeader = req.headers.get('Authorization')!
const token = authHeader.replace('Bearer ', '')
const { data } = await supabaseClient.auth.getUser(token)
// ...
})
```
---
## Row Level Security
After initializing a Supabase client with the Auth context, all queries will be executed with the context of the user. For database queries, this means [Row Level Security](/docs/guides/database/postgres/row-level-security) will be enforced.
```js
import { createClient } from 'npm:@supabase/supabase-js@2'
Deno.serve(async (req: Request) => {
// ...
// This query respects RLS - users only see rows they have access to
const { data, error } = await supabaseClient.from('profiles').select('*');
if (error) {
return new Response('Database error', { status: 500 })
}
// ...
})
```
---
## Example
See the full [example on GitHub](https://github.com/supabase/supabase/blob/master/examples/edge-functions/supabase/functions/select-from-table-with-auth-rls/index.ts).
<$CodeSample
path="/edge-functions/supabase/functions/select-from-table-with-auth-rls/index.ts"
title="Select from table with auth RLS"
language="typescript"
/>
Reference in New Issue View Git Blame Copy Permalink