Created
May 25, 2026 05:13
-
-
Save micahjon/222d95b48f921d74b8dc9cadcf13f0c8 to your computer and use it in GitHub Desktop.
Supabase JS client (only auth)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // Adapted from SupabaseClient constructor | |
| // Just grabbed the portion that sets up supabase.auth | |
| // Note: I use @supabase/supabase-js v2.58.0 since the next version adds webauthn support for MFA. Cool, but increases bundle size by over 25%! | |
| // | |
| // Usage: | |
| // const supabase = { | |
| // auth: getSupabaseAuthClient('https://your-api-url.supabase.co', YOUR_SUPABASE_KEY) | |
| // }; | |
| // | |
| import { | |
| DEFAULT_AUTH_OPTIONS, | |
| DEFAULT_DB_OPTIONS, | |
| DEFAULT_GLOBAL_OPTIONS, | |
| DEFAULT_REALTIME_OPTIONS, | |
| } from '@supabase/supabase-js/dist/module/lib/constants'; | |
| import { | |
| applySettingDefaults, | |
| validateSupabaseUrl, | |
| } from '@supabase/supabase-js/dist/module/lib/helpers'; | |
| import { SupabaseAuthClient } from '@supabase/supabase-js/dist/module/lib/SupabaseAuthClient'; | |
| import { | |
| Fetch, | |
| SupabaseAuthClientOptions, | |
| } from '@supabase/supabase-js/dist/module/lib/types'; | |
| export function getSupabaseAuthClient(supabaseUrl: string, supabaseKey: string) { | |
| const baseUrl = validateSupabaseUrl(supabaseUrl); | |
| if (!supabaseKey) throw new Error('supabaseKey is required.'); | |
| const authUrl = new URL('auth/v1', baseUrl); | |
| // default storage key uses the supabase project ref as a namespace | |
| const defaultStorageKey = `sb-${baseUrl.hostname.split('.')[0]}-auth-token`; | |
| const DEFAULTS = { | |
| db: DEFAULT_DB_OPTIONS, | |
| realtime: DEFAULT_REALTIME_OPTIONS, | |
| auth: { ...DEFAULT_AUTH_OPTIONS, storageKey: defaultStorageKey }, | |
| global: DEFAULT_GLOBAL_OPTIONS, | |
| }; | |
| const settings = applySettingDefaults({}, DEFAULTS); | |
| const headers = settings.global.headers ?? {}; | |
| return _initSupabaseAuthClient(settings.auth ?? {}, headers, settings.global.fetch); | |
| function _initSupabaseAuthClient( | |
| { | |
| autoRefreshToken, | |
| persistSession, | |
| detectSessionInUrl, | |
| storage, | |
| userStorage, | |
| storageKey, | |
| flowType, | |
| lock, | |
| debug, | |
| }: SupabaseAuthClientOptions, | |
| headers?: Record<string, string>, | |
| fetch?: Fetch | |
| ) { | |
| const authHeaders = { | |
| Authorization: `Bearer ${supabaseKey}`, | |
| apikey: `${supabaseKey}`, | |
| }; | |
| return new SupabaseAuthClient({ | |
| url: authUrl.href, | |
| headers: { ...authHeaders, ...headers }, | |
| storageKey: storageKey, | |
| autoRefreshToken, | |
| persistSession, | |
| detectSessionInUrl, | |
| storage, | |
| userStorage, | |
| flowType, | |
| lock, | |
| debug, | |
| fetch, | |
| // auth checks if there is a custom authorizaiton header using this flag | |
| // so it knows whether to return an error when getUser is called with no session | |
| hasCustomAuthorizationHeader: Object.keys(headers || {}).some( | |
| (key) => key.toLowerCase() === 'authorization' | |
| ), | |
| }); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment