SupabaseS
Supabase3y ago
spanishbombs

SSR Auth / SvelteKit / RLS issue

Hi! I'm trying to set up Auth in my SvelteKit project but can't make RLS work.

I followed the instructions to instantiate Supabase client in hooks and layout.ts. Sign up, Log in and Log out seem to work fine.

I can see cookies with JWT tokens created, active sessions in auth.sessions, the session is active on the server (locals.getSession()), etc.

One thing I noticed is that when I try to check JWT token on jwt.io, it correctly displays sub and aud ('authenticated') but also it says 'Invalid Signature' at the bottom - not sure why?

I've set up RLS policies to restrict select with USING (auth.uid() = user_id).

Then I load data from my +page.server.ts file. 

export const load = (async (locals) => {
    const user_id = (await locals.parent()).session.user.id

    const response = await getRecords(user_id)
    if (response.error) {
        throw error(400, "Something went wrong. Please try again later")
    }

    return { data: response.data }
})


getRecords is defined as following (I use pg function to select data)
async function getRecords(user_id: string) {
    try {
        const recordsResponse = await supabaseDB.rpc('get_latest_iterations', { _user_id: user_id })
        if (recordsResponse.error) throw recordsResponse.error

        return ({
            data: recordsResponse.data
        })
    }
    catch (error) { return error }
}


Not sure how to troubleshoot it either. Seems like I'm missing something obvious but not sure what.
Was this page helpful?