giusdp
Liveview and Supabase Auth access_token
Hi everyone,
I’m finding myself kinda paralyzed over this issue of authenticating (signup/login) an user in my Liveview+Supabase project. Mostly due to where to put the access_token (and refresh) that supabase gives me.
Supabase offers its own auth system with an api on top for user registration/login, it uses JWTs. In my project I have an UserController that calls the login endpoint with the credentials provided. I’m unsure if this is a good approach cause here the client sends the credentials to the server, the server calls the supabase api and gets the access_token, then where to store this access_token?
I’m using ecto with supabase so it’s kinda seamless from using any other postgres db (which is awesome), but I’m stuck on how to use and store these access_tokens for future queries after I login.
Perhaps should I just ignore the auth system and do it myself with phx.gen.auth and create my own users tables on the supabase postgres?
Marked As Solved
conradfr
I had recently the same question but with Firebase.
Where I’m at now is that I use Firebase only to log in the user (keeping it client side via a LiveView hook), verify the returned JWT at the backend level and then use Guardian and its own generated JWT to keep the user logged. That way I use Guardian plugs & helpers.
It’s a bit involved, especially as Phoenix doesn’t have built-in auth(s) support but it seems to work OK.
As for LiveView I stumbled upon “live_session” randomly and it’s useful. Read Live sessions in action · The Phoenix Files to know more.
To be honest if I only wanted to support email/password I would have probably used the (meh) Phoenix auth generator.
Popular in Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance








