Supabase.Auth.Plug (supabase_auth v1.0.0)


Provides Plug-based authentication support for Supabase Auth in Elixir applications.

This module offers a series of functions to manage user authentication through HTTP requests in Phoenix applications. It facilitates operations like logging in with a password, logging out users, fetching the current user from a session, and handling route protections based on authentication state.

All authentication functions accept a %Supabase.Client{} as an explicit parameter, giving you full control over client lifecycle and enabling easy testing and multi-tenant scenarios.

Configuration

The module requires some options to be passed:

  • endpoint: Your web app endpoint, used internally for broadcasting user disconnection events.
  • signed_in_path: The route the user is redirected to after authentication
  • not_authenticated_path: The route the user is redirected to if not authenticated
  • use_storage_key_namespacing?: Optionally use the client.auth.storage_key to namespace the session keys, for example: "user_token" becomes "sb-auth-key_user_token" (default: false)
  • session_cookie: The name of the "remember me" cookie (default: "_supabase_go_true_session_cookie")
  • session_cookie_options: Cookie options for the "remember me" cookie (default: [sign: true, same_site: "Lax"])

Usage

Define a module to be your Plug Authentication entrypoint and use this module to inject the necessary functions:

defmodule MyAppWeb.UserAuth do
  use Supabase.Auth.Plug,
    endpoint: MyAppWeb.Endpoint,
    signed_in_path: "/dashboard",
    not_authenticated_path: "/login"
end

Then use the generated functions in your controllers and router, passing a client explicitly:

# In your controller
def create(conn, %{"user" => user_params}) do
  client = Supabase.init_client!("https://myapp.supabase.co", "your-anon-key")

  case MyAppWeb.UserAuth.log_in_with_password(conn, client, user_params) do
    {:ok, conn} ->
      conn |> put_flash(:info, "Welcome!") |> redirect(to: "/dashboard")
    {:error, _reason} ->
      conn |> put_flash(:error, "Login failed") |> render(:new)
  end
end

# In your router pipeline
pipeline :browser do
  plug :fetch_session
  plug :fetch_current_user, client: Supabase.init_client!("https://myapp.supabase.co", "your-anon-key")
end

All authentication functions follow the pattern: function_name(conn, %Supabase.Client{}, params)
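
The options listed under Configuration, set together for a multi-tenant deployment served over HTTPS. This is an added example, not code from the supabase_auth documentation: the cookie name, the environment variable names and MyAppWeb.SupabaseClient are hypothetical, and it assumes session_cookie_options are handed to Plug.Conn.put_resp_cookie/4, whose :secure, :http_only and :max_age options are used here.

```elixir
defmodule MyAppWeb.UserAuth do
  use Supabase.Auth.Plug,
    endpoint: MyAppWeb.Endpoint,
    signed_in_path: "/dashboard",
    not_authenticated_path: "/login",
    # Prefix session keys with client.auth.storage_key so sessions created
    # through different Supabase clients (tenants) do not share key names.
    use_storage_key_namespacing?: true,
    # Hypothetical cookie name, constructed for this example.
    session_cookie: "_my_app_sb_remember_me",
    session_cookie_options: [
      # The documented defaults, restated in case a custom list replaces
      # the defaults instead of being merged with them (assumption).
      sign: true,
      same_site: "Lax",
      # Standard Plug.Conn.put_resp_cookie/4 options, assumed to be passed through:
      # only send the cookie over HTTPS
      secure: true,
      # keep the cookie out of reach of page JavaScript
      http_only: true,
      # bound the "remember me" lifetime to 14 days (in seconds)
      max_age: 1_209_600
    ]
end

defmodule MyAppWeb.SupabaseClient do
  # Hypothetical helper: builds the client at request time from the
  # environment, so the project URL and key are not hard-coded in source.
  # SUPABASE_URL and SUPABASE_ANON_KEY are assumed variable names.
  def build do
    Supabase.init_client!(
      System.fetch_env!("SUPABASE_URL"),
      System.fetch_env!("SUPABASE_ANON_KEY")
    )
  end
end
```

A controller would then call MyAppWeb.UserAuth.log_in_with_password(conn, MyAppWeb.SupabaseClient.build(), user_params), following the function_name(conn, %Supabase.Client{}, params) pattern.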