Hi,
I am trying to understand how Auth works for Webweb. I am building a web app with Supabase as my database and also using Linked as an auth provider with Supabase.
Current setup
-
Setup Supabase as db and auth within WeWeb
-
Setup Supabase and Linkedin as provider
-
When a user clicks on the sign in button on the login page in preview mode they are redirected to the Linkedin auth page and then redirected a weweb editor page (for debugging)
-
I have a supabase trigger that creates a new row in the profile table for the user when they sign up. I have setup RLS on the profile table such that only a user can see their profile
Questions:
-
Post login, on the auth_redirect page, I see in my variables is_authenticated and user variable. How does this work? How can I build a case for when the login flow fails?
-
In the profiles collection, I only see data for the logged in user, but I did not implement any filters on the collection. Is this by design? Does Weweb manage this automatically?
-
Does Weweb handle the access tokens and integration with Supabase? If yes what are the key things I need to consider when building the app except RLS?
Thank you