-
-
Save brandon-braner/7be26849dc048effd8e63d8d9b9223da to your computer and use it in GitHub Desktop.
from supabase_py import create_client, Client | |
SUPABASE_URL = "https://url.supabase.co" | |
SUPABASE_KEY = "secret_key" | |
#### Start signin | |
# api call to sign in and get the user access token for futuer api calls | |
supabase: Client = create_client(SUPABASE_URL, SUPABASE_KEY) | |
user = supabase.auth.sign_in( | |
email='example@gmail.com', password='password') | |
access_token = user['access_token'] | |
#### End Sign in | |
### Another api call where the user needs to do something. Want to send the access token to avoid sending username and password | |
user_client: Client = create_client(SUPABASE_URL, access_token) | |
# user_client returns no session or user | |
print(user_client.auth.user()) |
Is there a reason you have to create a supabase client specifically for this user? I've not tried it before but I suspect if you really wanted to do that, you could set {'headers': {'Authorization': 'Bearer somethingsomething'}}
as the third argument to create_client
.
The usual practice is to just perform requests (e.g. supabase.auth
, supabase.table
etc.) after you've authenticated as the user on line 10, which should automatically grab that user's token.
I am imaging where someone needs to make multiple api requests and not having to have them send their username and password with each request but instead send the access token that has a set lifetime
Hmm I'm not sure why that would be needed, because a user normally would have to sign in before making API requests. But perhaps you can give the suggestion above a shot. So something like:
url: str = os.environ.get("SUPABASE_URL")
key: str = os.environ.get("SUPABASE_KEY")
headers = {'Authorization': 'Bearer <your user's access token>'}
supabase: Client = create_client(url, key, {'headers': headers})
Then you can perform requests as usual to see if the supabase client is now tied to this user.
Another solution that probably isn't what you're looking for is to do it via bash commands:
curl '<your supabase url>/rest/v1/<your table name>?select=*' \
-H "apikey: <your supabase key>" \
-H "Authorization: Bearer <user's access token>"
This request will be interpreted as coming from the user. For a full reference, you can check out your Supabase dashboard, look for the left panel icon that says 'API' when you hover over it.
Hey yea sorry I should have added a comment. Line 13 forward is trying to get the user if I were to send a request to my api to try to authenticate as the user.