Help for session/auth

Hi everyone,

Started using supabase yesterday and focused on auth system.
Now, I have a hard time with RLS/policies mechanic.

I have a clients table with RLS and this policy:

alter policy "Enable read access for all users"
on "public"."clients"
to authenticated
using (true);

alter policy "Enable read access for all users"
on "public"."clients"
to authenticated
using (true);

alter policy "Enable read access for all users"
on "public"."clients"
to authenticated
using (true);

alter policy "Enable read access for all users"
on "public"."clients"
to authenticated
using (true);

I call a Node app with the following code:

export const loginRepository = async (email: string, password: string) => {
  const { data, error } = await supabase.auth.signInWithPassword({
    email,
    password,
  });
  if (error) throw new Error(error.message);
  return data;
};

export const loginRepository = async (email: string, password: string) => {
  const { data, error } = await supabase.auth.signInWithPassword({
    email,
    password,
  });
  if (error) throw new Error(error.message);
  return data;
};

export const loginRepository = async (email: string, password: string) => {
  const { data, error } = await supabase.auth.signInWithPassword({
    email,
    password,
  });
  if (error) throw new Error(error.message);
  return data;
};

export const loginRepository = async (email: string, password: string) => {
  const { data, error } = await supabase.auth.signInWithPassword({
    email,
    password,
  });
  if (error) throw new Error(error.message);
  return data;
};

When trying to get clients without sign in before, I have a empty array, it's ok.
Then, I log using Postman, and I can retrieve my clients table from everywhere (Postman, browser ...)
I really don't understand the behavior, how it work. Supabase use sessions table, but, why log in from Postman allow me to retrieve the data from everywhere ?

Help for session/auth

Similar Threads

Similar Threads

Similar Threads