How do we go about signing up and logging users in when there are collections in the app from both Xano and Supabase?
Since only one Auth Plugin can be configured at a time, is it then necessary to use a generic JWT token approach and configure that with both Supa and Xano? Or if using Supa as the auth provider, the user profile and auth.users table should live in Supabase and the data in Xano tables should be “unprotected” or “tokenless”?
Or would best practice be to use one Auth plugin, get the token into WeWeb and use that as the primary current user and then run a manual API call action to signup/login to the second platform? And thus daisy chain the user both on the in and out?
Why would you even do this. Anyway. The easiest scenario I can immagine is, Xano ↔ Supabase model where you check for the authenticity of the key you get either from Xano, or Supabase. It really boils down to what features you want to use. For example, in Xano, you can make a check based on the auth token from Supabase you pass in, and viceversa, and upon the data you get from that check, you decide what to do noext.
I’d say I would do something like what @Broberto is mentioning.
At the end of the day, a token is just that, a token. It can be checked against any backend. Then the best practice would be IMO to store user IDs (sync’ed) in both backend, and have 1-1 and 1-many relationships between data and user IDs, then check the token against the user ID ALWAYS on the backend side. But that obviously means that IDs need to be stored and updated if needed in both backends using some webhooks when a user changes.
Just wanted to poke this - found myself in the same scenario. Building a Twitter app but supabase with can not handle Twitter accounts that don’t have emails associated with them, however supabase as a database offers far more storage and ease of use (in my opinion) compared to Xano.
Hey @Broberto , have you came across a WeWeb Xano Twitter auth tutorial? For some reason I am really struggling to get that in place. Guessing it’s related to my callback url in Twitter? Not sure if that should be my editor weweb address or a xano endpoint. For supabase, they have a callback url that you use for the callback url for the provider.