Comments (15)
@fenos thanks for that. For me, I don't need the feature anymore since I was able to do the APIKEY check with RLS.
If you want to do it too:
First create key_mode, the type of API key:
```sql
CREATE TYPE "public"."key_mode" AS ENUM (
    'read',
    'write',
    'all',
    'upload'
);
```
Then create the table:
```sql
CREATE TABLE "public"."apikeys" (
    "id" bigint NOT NULL,
    "created_at" timestamp with time zone DEFAULT "now"(),
    "user_id" "uuid" NOT NULL,
    "key" character varying NOT NULL,
    "mode" "public"."key_mode" NOT NULL,
    "updated_at" timestamp with time zone DEFAULT "now"()
);
```
Then create the Postgres function:
```sql
-- Returns true when a row in apikeys matches the given key and one of the given modes.
-- SECURITY DEFINER: the function runs with the privileges of its owner.
CREATE OR REPLACE FUNCTION public.is_allowed_apikey(apikey text, keymode key_mode[])
RETURNS boolean
LANGUAGE plpgsql
SECURITY DEFINER
AS $function$
BEGIN
    RETURN (SELECT EXISTS (SELECT 1
        FROM apikeys
        WHERE key=apikey
        AND mode=ANY(keymode)));
END;
$function$;
```
Then add the RLS in the table you want to give access to:
```sql
is_allowed_apikey(((current_setting('request.headers'::text, true))::json ->> 'apikey'::text), '{all,write}'::key_mode[])
```
And in the SDK v1 you can add your APIKEY like this:
```js
import { createClient } from '@supabase/supabase-js'

// v1 client: custom headers go at the top level of the options object
const supabase = createClient(hostSupa, supaAnon, {
  headers: {
    apikey: apikey,
  }
})
```
In SDK v2:
```js
import { createClient } from '@supabase/supabase-js'

// v2 client: custom headers go under global.headers
const supabase = createClient(hostSupa, supaAnon, {
  global: {
    headers: {
      apikey: apikey,
    }
  }
})
```
from storage.
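One way to wire the expression from the comment above into a complete policy and check it from psql, as an added example that is not part of the original comment. The table `public.uploads`, the policy name and the key values are constructed for illustration, and it assumes the request headers arrive in the `request.headers` setting as the comment's expression expects.

```sql
-- Added example: public.uploads, the policy name and the key values are hypothetical.
BEGIN;

CREATE TABLE public.uploads (id bigint PRIMARY KEY, name text NOT NULL);
ALTER TABLE public.uploads ENABLE ROW LEVEL SECURITY;

-- The expression from the comment, used as the WITH CHECK clause of an INSERT policy.
CREATE POLICY "apikey can insert" ON public.uploads
    FOR INSERT
    WITH CHECK (
        is_allowed_apikey(
            (current_setting('request.headers', true))::json ->> 'apikey',
            '{all,write}'::key_mode[]
        )
    );

-- Constructed sample keys: one in an accepted mode, one in a mode the policy excludes.
INSERT INTO public.apikeys (id, user_id, key, mode) VALUES
    (1, '00000000-0000-0000-0000-000000000001', 'constructed-write-key', 'write'),
    (2, '00000000-0000-0000-0000-000000000001', 'constructed-read-key',  'read');

-- Table owners and superusers bypass RLS, so the policy expression is asserted
-- directly here instead of through an INSERT into public.uploads.
DO $$
DECLARE
    c record;
    got boolean;
BEGIN
    FOR c IN
        SELECT * FROM (VALUES
            ('{"apikey":"constructed-write-key"}', true),   -- key in an accepted mode
            ('{"apikey":"constructed-read-key"}',  false),  -- key exists, wrong mode
            ('{"apikey":"not-in-the-table"}',      false),  -- unknown key
            ('{}',                                 false)   -- header absent
        ) AS t(headers, expected)
    LOOP
        -- Simulate the headers of one request for the current transaction only.
        PERFORM set_config('request.headers', c.headers, true);
        got := is_allowed_apikey(
            (current_setting('request.headers', true))::json ->> 'apikey',
            '{all,write}'::key_mode[]);
        ASSERT got = c.expected,
            format('headers %s: expected %s, got %s', c.headers, c.expected, got);
    END LOOP;
END
$$;

ROLLBACK;
```

The whole script runs in one transaction and rolls back, so it leaves no table, policy or key behind.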
Hello!
Apologies for the late reply,
I really like the idea of a signed URL for upload, I will add this to the backlog for discovery & prioritization
from storage.
➕ 💯
This would be great
from storage.
I updated my comment for people who wanted the apikey system like me
from storage.
I'm also interested in this feature. I would love to create presigned URLs for uploads to save bandwidth and avoid file size limitations, while using our own server for most of the business logic. It looks like @etiennedupont has fixed their issue by using S3 directly, unfortunately.
from storage.
I can share my solution, where I deployed a proxy server using fly.io to circumvent that issue.
However, not ideal.
I'm also still waiting for this feat.
from storage.
I have the same issue for https://capgo.app. I allow users to upload from my CLI with an apikey, so not logged in in the CLI.
My current solution is to split the file in chunks of 1 MB to upload in a loop and edit the file in storage, but it often fails for big files: Cap-go/CLI#12
from storage.
That would be very much appreciated. Thank you.
from storage.
+1 for this, signed upload URLs would solve a lot of my own implementation issues around using Supabase storage with NextJS
from storage.
+1 would really like this
from storage.
+1
from storage.
+1
from storage.
+1
from storage.
Is this still prioritized? The DB is set up in a way where we can still use middleware to handle the auth, but that is not the case for storage uploading. If we aren't able to create a signed URL, we have to use RLS to control the upload authorization, which doesn't work in all of our cases. This would be extremely useful in allowing us to have some access-control live in middleware for file uploads.
from storage.
@fenos thanks for that. For me, I don't need the feature anymore since I was able to do the APIKEY check with RLS.
If you want to do it too:
First create key_mode, the type of API key:
```sql
CREATE TYPE "public"."key_mode" AS ENUM ( 'read', 'write', 'all', 'upload' );
```
Then create the table:
```sql
CREATE TABLE "public"."apikeys" (
    "id" bigint NOT NULL,
    "created_at" timestamp with time zone DEFAULT "now"(),
    "user_id" "uuid" NOT NULL,
    "key" character varying NOT NULL,
    "mode" "public"."key_mode" NOT NULL,
    "updated_at" timestamp with time zone DEFAULT "now"()
);
```
Then create the Postgres function:
```sql
CREATE OR REPLACE FUNCTION public.is_allowed_apikey(apikey text, keymode key_mode[])
RETURNS boolean
LANGUAGE plpgsql
SECURITY DEFINER
AS $function$
BEGIN
    RETURN (SELECT EXISTS (SELECT 1 FROM apikeys WHERE key=apikey AND mode=ANY(keymode)));
END;
$function$;
```
Then add the RLS in the table you want to give access to:
```sql
is_allowed_apikey(((current_setting('request.headers'::text, true))::json ->> 'apikey'::text), '{all,write}'::key_mode[])
```
And in the SDK v1 you can add your APIKEY like this:
```js
const supabase = createClient(hostSupa, supaAnon, { headers: { apikey: apikey, } })
```
In SDK v2:
```js
const supabase = createClient(hostSupa, supaAnon, { global: { headers: { apikey: apikey, } } })
```
Anyone else having trouble with the custom headers? Tried logging the request headers and my custom headers are never attached.
from storage.