How do I get the user id from getClaims() method?

Looking to get started with the new JWT stuff, and I have an edge function that gets the user data; specifically, I need the user id. How do I go about this w the new JWT system in place?
19 Replies
mr nooli (OP), 2mo ago
Or rather - I am currently using .getUser() which I believe still makes an API call to the supabase auth server - and this is in the middleware file, so it's adding unnecessary latency to my app. What's the alternative where I can still get access to the user_id?
v0idpwn, 2mo ago
👋 the user id is the "sub" field in the claims object
silentworks, 2mo ago
From the getClaims() method you will get returned a data object which contains claims. So you can do:

```ts
const { data, error } = await supabase.auth.getClaims();

// The user id is the "sub" claim
const userId = data?.claims?.sub;
```
mr nooli (OP), 2mo ago
Fantastic, thank you! I shall migrate tomorrow. Just as a general note - I am getting quite confused about the performance benefits and how to achieve them. I thought the "no code changes" in itself meant the performance benefits would be instant and clear, but as far as I understand it I need to swap out the getUser with getClaims? If there could be clearer wording/better documentation on when and which APIs will cause a network request, that'd be immensely helpful!
silentworks, 2mo ago
Where is the confusing text you are referring to? The release video and blog posts both mention using getClaims() over getUser() in the middleware for performance benefits. I think Jon over at Supabase is working on another video showing the changeover from getUser() to getClaims().
silentworks, 2mo ago
It says it in the docs about getUser making a network request and it also states it in the getClaims docs that you should always prefer it over getUser.
mr nooli (OP), 2mo ago
I think it was the combination of "no code changes" along with performance benefits that was lost on me.
silentworks, 2mo ago
Can you point me to where this is referenced please? I just re-read the blog post and didn't see anything like this in it.
mr nooli (OP), 2mo ago
https://supabase.com/blog/jwt-signing-keys On this launch post, it says that the function is faster, but doesn't explicitly say why? It might just be me lacking some info or just not using my brain fully - but I thought that the getUser would stop making the network request and then the getClaims would just somehow be a faster version of that? Regardless, I understand it now 🙏 apologies for the confusion!
Supabase
Introducing JWT Signing Keys
A new JWT signing keys system based on public key cryptography to improve your project's security and performance.
mr nooli (OP), 2mo ago
Sorry - to further this question, how does one get the email address of the user? I can see the docs mention that it's required, but it's not being correctly typed in typescript - unless I'm missing something?
Aymen, 2mo ago
I'm having the same issue. @mr nooli have you found a solution yet?
mr nooli (OP), 2mo ago
Nada
Aymen, 2mo ago
Well, I guess I'm back to the old way for now. They should update their doc.
v0idpwn, 2mo ago
@mr nooli would you point me to where in the docs you got this?
mr nooli (OP), 2mo ago
https://supabase.com/docs/guides/auth/jwts When I checked when I had first asked, I swear there was a section saying it was required
JSON Web Token (JWT) | Supabase Docs
Information on how best to use JSON Web Tokens with Supabase
mr nooli (OP), 2mo ago
I might be going crazy. Regardless, it might(?) exist in the jwt - why isn't it typed in the supabase sdk?
v0idpwn, 2mo ago
I think the thing is: anything might be there, because you can put whatever you want in the hooks... But perhaps the docs could do a better job communicating that
mr nooli (OP), 2mo ago
How would one go about ensuring it definitely is there?
j4, 2mo ago
Build 'er I suppose. (I'm not sure why is_anonymous isn't in the JwtPayload type already, but it ought to be. Might be a good PR for someone to create in the auth-js repo.)

```ts
import type { JwtPayload } from "@supabase/supabase-js"
// ...
const { data, error } = await supabase.auth.getClaims(session.access_token)

if (error || !data) return null

// Extend the SDK's JwtPayload type with the extra claims this app expects
type Claims = JwtPayload & {
  email: string;
  is_anonymous: boolean;
  // ...
}

// Compile-time assertion only; nothing here checks the claims at runtime
const claims = data.claims as Claims
// ...
```
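A cast such as `as Claims` is checked only by the compiler, so a token whose hook omitted or retyped a claim still passes it. The following added example (not from the thread or from supabase-js; `AppClaims`, `ParseResult` and `parseAppClaims` are hypothetical names and the sample payloads are constructed) validates the object found in `data.claims` at runtime before the claims are trusted:

```typescript
// Added example: runtime validation of the claims an app depends on.
// AppClaims, ParseResult and parseAppClaims are hypothetical names,
// not part of supabase-js.
type AppClaims = { sub: string; email: string; is_anonymous: boolean };

type ParseResult =
  | { ok: true; claims: AppClaims }
  | { ok: false; invalid: string[] }; // names of missing or mistyped claims

function parseAppClaims(raw: unknown): ParseResult {
  // null/undefined become {} so every expected claim is reported as invalid
  const { sub, email, is_anonymous } = (raw ?? {}) as Record<string, unknown>;

  const invalid: string[] = [];
  if (typeof sub !== "string" || sub === "") invalid.push("sub");
  if (typeof email !== "string" || email === "") invalid.push("email");
  if (typeof is_anonymous !== "boolean") invalid.push("is_anonymous");

  // The typeof checks are repeated so the compiler narrows each value
  if (
    invalid.length === 0 &&
    typeof sub === "string" &&
    typeof email === "string" &&
    typeof is_anonymous === "boolean"
  ) {
    return { ok: true, claims: { sub, email, is_anonymous } };
  }
  return { ok: false, invalid };
}

// Constructed sample payloads (not real tokens).
const fullClaims = {
  sub: "user-123",
  email: "a@example.com",
  is_anonymous: false,
  role: "authenticated",
};
const noEmailClaims = { sub: "user-456", is_anonymous: true };

// Assumed usage after `const { data } = await supabase.auth.getClaims()`:
//   const result = parseAppClaims(data?.claims);
//   if (!result.ok) { /* reject the request; result.invalid says why */ }
const checked = parseAppClaims(fullClaims);
const rejected = parseAppClaims(noEmailClaims);
```

Treat a failed result as an authentication failure rather than falling back to default values for the absent claims.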
