JWT Signing Keys in Swift?

I saw this video from Jon Meyers about using JWT Signing Keys to significantly improve the authentication speed of a web application. I was wondering if this can be applied to Swift iOS applications as well? My Swift application follows this Supabase tutorial and my code looks like this:
let client = SupabaseClient(
    supabaseURL: URL(string: "https://abc.supabase.co")!,
    supabaseKey: "abc"
)
And I get the user's ID like this:
for await state in client.auth.authStateChanges {
    session.userID = state.session?.user.id
}
Are there any changes that can be made to Swift applications to take advantage of the new JWT Signing Keys feature to help improve authentication time?
6 Replies
garyaustin, 2mo ago
The article is mainly on improving SSR (server side) performance as the JWT has to be verified on each call.
mjamore (OP), 2mo ago
Ok, so sounds like this would not be applicable for a client-side iOS application. I do have a couple of Supabase edge functions that are written in TypeScript and are using the getUser function, so I presume I could make this auth optimization there, correct?
j4, 2mo ago
It might depend on how you're authenticating the supabase client in the edge function. If you're only doing it by setting the global header option, then the answer is "no".
mjamore (OP), 2mo ago
Here is the code I'm using for auth within the Supabase edge function:
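// Client that forwards the caller's Authorization header on every request.
const supabase = createClient(
  Deno.env.get("SUPABASE_URL")!,
  Deno.env.get("SUPABASE_ANON_KEY")!,
  {
    global: {
      headers: { Authorization: req.headers.get("Authorization")! },
    },
  }
);

// getUser() validates the forwarded token by asking the Auth server.
const {
  data: { user },
  error,
} = await supabase.auth.getUser();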
garyaustin, 2mo ago
Also the biggest benefit performance-wise is that getClaims caches the publishable key so it only fetches occasionally. On an edge function this caching won't be doing much as it is gone when the function ends. There is some savings in not querying the DB (getUser) but you still have some latency to get the secret. I don't know the details of network speed of that endpoint and ability of CDN to cache if any. I don't believe they have the publishable secret yet provided to the edge functions secrets which would be ideal as then you could just use a JWT library to do what getClaims does.
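As an added example (not code from this thread or from Supabase): local verification of an asymmetrically signed JWT, the kind of check the reply above describes doing with a JWT library once the public key is in hand. It assumes an ES256 signing key and a JWKS that has already been fetched; the key pair, `kid`, claims and helper names are constructed for the demo, and it uses `node:crypto`, which Deno also provides.

```typescript
import { Buffer } from "node:buffer";
import { createPublicKey, generateKeyPairSync, sign, verify } from "node:crypto";

type Jwk = Record<string, any>; // one entry of a JWKS "keys" array
const b64u = (v: unknown) => Buffer.from(JSON.stringify(v)).toString("base64url");

// Verify an ES256 JWT against an already-fetched JWKS. Returns the claims, or null.
function verifyJwt(token: string, jwks: Jwk[], nowSec: number): Record<string, unknown> | null {
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  try {
    const header = JSON.parse(Buffer.from(parts[0], "base64url").toString());
    // Pin the algorithm: the token must not be able to select "none" or an HMAC alg.
    if (header.alg !== "ES256") return null;
    const jwk = jwks.find((k) => header.kid && k.kid === header.kid);
    if (!jwk) return null; // unknown key id: refetch the JWKS or reject
    const ok = verify("sha256", Buffer.from(`${parts[0]}.${parts[1]}`),
      { key: createPublicKey({ key: jwk, format: "jwk" }), dsaEncoding: "ieee-p1363" },
      Buffer.from(parts[2], "base64url"));
    if (!ok) return null;
    const claims = JSON.parse(Buffer.from(parts[1], "base64url").toString());
    // A valid signature is not enough: the token must also be unexpired.
    if (typeof claims.exp !== "number" || claims.exp <= nowSec) return null;
    return claims;
  } catch {
    return null; // malformed base64, JSON or key material
  }
}

// Constructed sample data: a throwaway P-256 key pair stands in for the project's signing key.
const { publicKey, privateKey } = generateKeyPairSync("ec", { namedCurve: "P-256" });
const jwks: Jwk[] = [{ ...publicKey.export({ format: "jwk" }), kid: "demo-key" }];

function mint(claims: object, header: object = { alg: "ES256", kid: "demo-key" }): string {
  const input = `${b64u(header)}.${b64u(claims)}`;
  const sig = sign("sha256", Buffer.from(input), { key: privateKey, dsaEncoding: "ieee-p1363" });
  return `${input}.${sig.toString("base64url")}`;
}

const now = 1_700_000_000; // fixed clock so the demo is deterministic
const good = mint({ sub: "user-123", exp: now + 3600 });
const expired = mint({ sub: "user-123", exp: now - 1 });
const unsigned = `${b64u({ alg: "none", kid: "demo-key" })}.${b64u({ sub: "admin", exp: now + 3600 })}.`;
const tampered = good.replace(/\.[^.]+\./, `.${b64u({ sub: "admin", exp: now + 3600 })}.`);

console.log([good, expired, unsigned, tampered].map((t) => verifyJwt(t, jwks, now)?.sub ?? "rejected"));
```

Only the first token is accepted; the expired, unsigned and payload-swapped tokens are all rejected without any network call.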
mjamore (OP), 2mo ago
Understood. Thank you so much for your help and quick responses!
