Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Send Valid User Access Token to Realtime Server #12

Closed
w3b6x9 opened this issue Nov 29, 2021 · 5 comments
Closed

Send Valid User Access Token to Realtime Server #12

w3b6x9 opened this issue Nov 29, 2021 · 5 comments

Comments

@w3b6x9
Copy link

w3b6x9 commented Nov 29, 2021
edited
Loading

Feature request

Realtime server is now checking every minute to verify the validity of the user access token and storing updated user information from the JWT to Realtime's subscription table (used by Realtime WALRUS).

Describe the solution you'd like

  1. Realtime client pushes the user access token to all channels every heartbeat, which defaults to 30 seconds (see ref, ref, and ref).
  2. Supabase client sends latest and valid user access token on auth events SIGNED_IN and TOKEN_REFRESHED (see ref)*.
  3. Supabase client removes all subscriptions on auth event SIGNED_OUT (see ref)*.

*fix: improve auth for realtime row level security #303

Additional context

Realtime Security (WALRUS) will be launched very soon so we'll mention that additional Supabase client libs, like this one, will be compatible with the new Realtime some time in the near future.
@acupofjose
Copy link
Contributor

acupofjose commented Nov 29, 2021
edited
Loading

@w3b6x9 thanks for the heads up! I'm working on it now!

@w3b6x9
Copy link
Author

w3b6x9 commented Nov 29, 2021

@acupofjose awesome! You already figured it out but just to clarify realtime-js calls setAuth in _sendHeartbeat, which is called every heartbeat interval.

acupofjose added a commit to supabase-community/realtime-csharp that referenced this issue Nov 29, 2021
@acupofjose
Add support for WALRUS AccessToken Pushes on every heartbeat see [#12
163f2e1 
…](supabase-community/supabase-csharp#12)
@acupofjose
Copy link
Contributor

@w3b6x9 it doesn't look like USER_DELETED is implemented in gotrue-js (https://github.com/supabase/gotrue-js/search?q=USER_DELETED) is that correct?

@w3b6x9
Copy link
Author

w3b6x9 commented Nov 30, 2021

@w3b6x9 it doesn't look like USER_DELETED is implemented in gotrue-js (https://github.com/supabase/gotrue-js/search?q=USER_DELETED) is that correct?

@acupofjose good catch! Looks like it's not implemented yet. I'll remove it from this feature request.

acupofjose added a commit that referenced this issue Nov 30, 2021
@acupofjose
Support for [#12](#12)
aa362af
@acupofjose
Copy link
Contributor

Available in 0.2.6!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@w3b6x9 @acupofjose