Thanks for tuning in! Make sure to check out the docs: supabase.com/docs/guides/auth/custom-claims-and-role-based-access-control-rbac? And you can find the code on GitHub: github.com/supabase/supabase/tree/master/examples/slack-clone/nextjs-slack-clone
Perfect timing for me, This is what I need for my website now, Do you have the videos of how you developed this chat app that you showed in the video? Thank you
@@thorwebdev Yes. I have seen their video stream of happy hours few months ago and it made me start my own website. now i have launched it. but it's bit old, Is there a entire slack clone video like that? can you give the link if it there?
Oh i didn't notice, it's you Thor, you were in that stream right? i think came only in one video :) they were joking about Hammer, it was such a wonderful stream, made me start my own website and i started to learn react and now my website is live, but need soooo many improvements to make. love you guys. Thanks Thor
Small tangent, perhaps, but what was the approach to determine which channels were available to delete for the moderator role in the UI? The trash icon existed for just the one available to delete. Presumably that's using the same rules as RLS for the delete, but are those rules duplicated into a function your UI is using?
Nice video! Thank you 😊 I am wondering why you don’t enable this feature by default, like Auth0 does, but we have to actually write a bunch of stuff in our project following a documentation page
Thanks! What if user could be part of multiple organizations and have different roles within them? Struggling with implementing this - will appreciate any advice.
same here. anyone ever figure out a good way? Edit: An approach I was thinking maybe was refetching the token based on the organization instance. For example, you can have their meta data something like this { "org": "org-id", "role": "user", "additional_permissions": [] } and on the client side, if they change between orgs somehow, that can trigger a session refresh with somehow passing in the org id that they wish to switch to?
Just tried using this approach adding a custom claim (is_admin) to the JWT in a NextJS 14 but it just keep running into an Error -> AuthApiError: Error invoking access token hook
The Auth Hook is only triggered when a token is issued rather than the RLS policy triggering for each API call. So there is a bit of optimization here.
@@Supabasehi, I am a beginner so the RLS is easier for me to control. Would the optimization really make a difference in term of performance and security? Or controlling the RLS directly is sufficient. Thank you.
Does the impersonate method work correctly with this? Imagine that we have two policies: - one to get the user's own messages (individual select) - one to get every message (for admin users) I tried it and technically it works but it does not work when I'm impersonating... Is there anything missing? Does the auth hook run on impersonate? I don't feel confident enough by testing these policies in development but not being able to test them using impersonate.
Question how can I create custom access token if I deployed supabase in self hosting docker? I'm trying to create a Hook: Custom access token but I can't get it to work... Supabase I deployed in self-hosting version. The documentation says to add fields to config.toml I found it in supabase/supabase/config.toml . But as I understand it is not what I need. Question how can I create custom access token if I deployed supabase in self hosting docker ?