Hi there!
If I use some another auth system (0auth, auth0 or token-based), how can I use RLS?
While WeWeb uses a public API key for any actions, I suppose I should create a function with security:definer, create/check existance of an account in my sign up/in workflows and retrieve an id and token for the user. But how can I use them after? There are no header fields in Supabase plugin to insert any additional token.
What’s the best practice?
You have to use Supabase Auth, and connect your auth (0Auth Auth0, custom) to supabase on the supabase side instead I think.
You can configure many way to authenticate with supabase. Currently we only support Email and Social login in the UI, but you can do more with some js, leveraging the underlying supabase js client.
We plan to update the plugin soon to support everything supabase allow through workflow action.
I understand that the best option is to use Supabase Auth with Supabase as a collection. But Supabase doesn’t support custom OAuth providers and if (for some reason) I can’t use auth0 only one way is to make a bearer auth (for example in case with Line messenger) from WeWeb.
The question is: can I somehow connect Supabase RLS with non-Supabase auth in WeWeb?