User Authentication - Supabase
Enable User Authentication and data storage with Supabase
Supabase Setup
To start, you will need a Supabase account. Create a Supabase account here.
After setting up your organization in Supabase, you'll want to create a new project. This will involve assigning the project to your organization, naming the project, and creating a very strong password. Make sure you store the password somewhere secure.
API Key and Project URL
Once you continue through the project creation, you will be shown your API key and your project URL. You can copy them here while your project is being set up, or if you miss copying them before the page refreshes don't worry. Just scroll down a little ways and they are still available. Copy those two values and place them in your .env file at the appropriate place.
Authentication Setup
Navigate to the Authentication section on the left side menu. This is where you can manage your users' accounts, such as sending a password reset email and deleting the user (until an admin interface is created for PySaaS, more to come later).
On the left hand side you will see a section labeled Providers. Click there. Email is enabled by default, but we will need to adjust settings to get the base configuration complete. Click on the email section.
For now, disable Confirm Email. This feature will be implemented in both Supabase and Firebase soon, but is not currently. You can choose whether or not to require the last two features, Secure Email Change and Secure Password Change. For ease of use, you can disable both for initial development.
At the bottom of that section is the minimum password length option. Currently PySaaS requires a minimum length of 6 characters. You can adjust this as you see fit; just ensure that the length matches what you have configured in PySaaS. Additional password settings are available in Supabase's settings.
URL Configuration
Navigate to URL Configuration on the left hand side. This is where you indicate which sites Supabase is allowed to redirect to from the links in your emails. Make sure to set this to your local environment during development and then change it when you are deploying.
Email Templates
A section that you do not need to configure immediately, but is important, is the Email Templates section. These templates are what is sent to the user for email confirmation, password reset emails, and more. Make sure to customize these to your branding needs before launching your application.
Database Setup
Navigate to the Database section in the far left menu. This should open up to your public schema and say that no tables have been created. Click on the Create Table button.
Name the table users, add a description if you'd like, make sure Enable Row Level Security (RLS) is turned on, and turn on Enable Realtime.
Scroll down on the creation screen and we will actually create the columns of the table now. The columns are as follows:
Name: id
Data Type: bigint
Format: int8
This is a default column and primary key. Do not edit this.
Name: created_at
Data Type: timestamptz
Format: timestamptz
This is a default column as well. Edit the Default Value for this column to be (now() AT TIME ZONE 'utc')
Name: email
Data Type: text
Format: text
This will be tied to the user's email address. Click on the gear on the right, uncheck Is Nullable and check Unique.
Name: name
Data Type: text
Format: text
This is the name that the user sets in their settings.
Name: renews_at
Data Type: timestamptz
Format: timestamptz
This value will come from LemonSqueezy. Will be Null if the user does not have a subscription.
Name: sub_id
Data Type: text
Format: text
This is a subscription ID from LemonSqueezy. Will be Null if the user does not have a subscription.
Name: plan
Data Type: bool
Format: bool
Shows whether or not the user has a plan. Set the default value to be false, click the gear on the right and uncheck Is Nullable.
Click Save when you have made these changes.
Enable indexing on email column
To allow us to search through this table using the email column, we need to tell Supabase to allow us to index it. Navigate to Indexes on the left. There will be entries here already, which is okay. Click on Create Index.
Keep the public schema, choose the users table, and choose the email column. You can keep the default B-Tree index type. Click save.
Configure Row Level Security (RLS)
We are almost at the finish line for Supabase! The last thing that we need to do is create Row Level Security policies that will dictate who can edit our users table.
Click on Authentication on the far left menu, then click on Policies. Supabase will tell you that you've enabled RLS for the users table but do not have policies set. Click on Create a new policy in the top right.
We are going to be creating 4 rules, one for each of the SELECT, INSERT, UPDATE, and DELETE commands. The rules are going to allow all users to run these commands. THIS IS NOT SECURE. This is for development purposes only. You will need to secure your database access before you deploy your SaaS.
You will be at the Policy Creator screen and it will give you templates to choose from on the right. Click on the top right template called Enable read access for all users. This will populate the necessary fields to allow access for everyone.
Repeat this process for the remaining three commands, updating the name and the command for each.
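The development policy described above next to a locked-down set for deployment, as an added example that is not part of PySaaS or the original page. The policy names are hypothetical, and it assumes that requests carry the signed-in user's Supabase JWT, that Confirm Email has been turned back on, and that the subscription columns are written only by a backend using the service role key.

```sql
-- Added example; not PySaaS code. Policy names are hypothetical.
-- Assumptions: requests carry the signed-in user's Supabase JWT, Confirm Email
-- is enabled again (so the email claim is verified), and plan / sub_id /
-- renews_at are written only by a backend using the service role key,
-- which bypasses RLS.

-- Development: what the "Enable read access for all users" template yields.
-- USING (true) matches every row for every caller.
create policy "dev_select_all" on public.users
  for select using (true);

-- Deployment: remove each permissive policy (repeat for the other three).
drop policy if exists "dev_select_all" on public.users;

-- A signed-in user can read only the row matching their JWT email claim.
create policy "users_select_own" on public.users
  for select to authenticated
  using (email = (auth.jwt() ->> 'email'));

-- A user can create only their own row, and only without a subscription.
create policy "users_insert_own" on public.users
  for insert to authenticated
  with check (
    email = (auth.jwt() ->> 'email')
    and plan = false and sub_id is null and renews_at is null
  );

-- A user can update only their own row and cannot re-point it at another email.
create policy "users_update_own" on public.users
  for update to authenticated
  using (email = (auth.jwt() ->> 'email'))
  with check (email = (auth.jwt() ->> 'email'));

-- No DELETE policy is created: with RLS enabled, a command with no matching
-- policy is denied for these roles.

-- RLS filters rows, not columns. Column privileges keep clients from
-- setting their own billing fields.
revoke update on public.users from anon, authenticated;
grant update (name) on public.users to authenticated;
```

Run it in the Supabase SQL editor against a development project first and confirm that the application's signed-in requests still succeed.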
Let's move on to the next step in getting your PySaaS application working, the subscriptions!