RLS Policy not working with JWT (Auth0)

Hello all,
I'm having issues getting RLS working when sending a JWT to Supabase. I'm signing the JWT with he Supabase signing secret and sending the payload as shown below:

  const payload = {
    userId: session.user.sub,
    exp: Math.floor(Date.now() / 1000) + 60 * 60,
  };

  session.user.accessToken = jwt.sign(
    payload,
    process.env.SUPABASE_SIGNING_SECRET
  );

  const payload = {
    userId: session.user.sub,
    exp: Math.floor(Date.now() / 1000) + 60 * 60,
  };

  session.user.accessToken = jwt.sign(
    payload,
    process.env.SUPABASE_SIGNING_SECRET
  );

I'm sending the JWT (access token) when trying to get table data

 async getServerSideProps({ req, res }) {
    const {
      user: { accessToken },
    } = await getSession(req, res);

    const supabase = getSupabase(accessToken);

    const { data: notes } = await supabase.from("Notes").select("*");
    return {
      props: { notes },
    };
  },

 async getServerSideProps({ req, res }) {
    const {
      user: { accessToken },
    } = await getSession(req, res);

    const supabase = getSupabase(accessToken);

    const { data: notes } = await supabase.from("Notes").select("*");
    return {
      props: { notes },
    };
  },

But even when there user_id should match and return some results it does not. Here is my SQL below:

create or replace function auth.user_id() returns text as $$
  select nullif(current_setting('request.jwt.claims', true)::json->>'userId', '')::text;
$$ language sql stable;

create or replace function auth.user_id() returns text as $$
  select nullif(current_setting('request.jwt.claims', true)::json->>'userId', '')::text;
$$ language sql stable;

and my select policy

(user_id() = user_id)

(user_id() = user_id)

Any idea's on why this won't work? Thanks!

RLS Policy not working with JWT (Auth0)

Hello all,
I'm having issues getting RLS working when sending a JWT to Supabase. I'm signing the JWT with he Supabase signing secret and sending the payload as shown below:

  const payload = {
    userId: session.user.sub,
    exp: Math.floor(Date.now() / 1000) + 60 * 60,
  };

  session.user.accessToken = jwt.sign(
    payload,
    process.env.SUPABASE_SIGNING_SECRET
  );

  const payload = {
    userId: session.user.sub,
    exp: Math.floor(Date.now() / 1000) + 60 * 60,
  };

  session.user.accessToken = jwt.sign(
    payload,
    process.env.SUPABASE_SIGNING_SECRET
  );

I'm sending the JWT (access token) when trying to get table data

 async getServerSideProps({ req, res }) {
    const {
      user: { accessToken },
    } = await getSession(req, res);

    const supabase = getSupabase(accessToken);

    const { data: notes } = await supabase.from("Notes").select("*");
    return {
      props: { notes },
    };
  },

 async getServerSideProps({ req, res }) {
    const {
      user: { accessToken },
    } = await getSession(req, res);

    const supabase = getSupabase(accessToken);

    const { data: notes } = await supabase.from("Notes").select("*");
    return {
      props: { notes },
    };
  },

But even when there user_id should match and return some results it does not. Here is my SQL below:

create or replace function auth.user_id() returns text as $$
  select nullif(current_setting('request.jwt.claims', true)::json->>'userId', '')::text;
$$ language sql stable;

create or replace function auth.user_id() returns text as $$
  select nullif(current_setting('request.jwt.claims', true)::json->>'userId', '')::text;
$$ language sql stable;

and my select policy

(user_id() = user_id)

(user_id() = user_id)

Any idea's on why this won't work? Thanks!

RLS Policy not working with JWT (Auth0)

Similar Threads

RLS Policy not working with JWT (Auth0)

Similar Threads

Similar Threads

Similar Threads