Hi everyone,
I'm facing a challenge integrating Supabase OTP authentication with FlutterFlow's native Supabase integration and hoping someone can offer some guidance or solutions.
Here's the situation:
I'm using Supabase's built-in OTP authentication for user signup and login. This part works perfectly – users can successfully sign up and log in via OTP.
The problem arises when I try to access user-specific data using FlutterFlow's native Supabase integration. My Supabase tables have Row Level Security (RLS) policies that restrict access to authenticated users only.
Scenario 1 (Anonymous RLS): If I set the RLS policy on my Supabase table to
anon, the data is visible in FlutterFlow. However, this is obviously a major security risk and unacceptable for production.Scenario 2 (Authenticated RLS): When I set the RLS policy to
authenticated(which is what I need for security), the data is no longer displayed in FlutterFlow.
After some research, I suspect the issue is that the JWT (JSON Web Token) generated during the OTP authentication process isn't being correctly passed to the native Supabase queries made by FlutterFlow. It seems that the native integration doesn't automatically pick up the JWT after a custom authentication flow (like OTP).
My question is:
Has anyone encountered a similar issue? Is there a known workaround or solution to ensure that the JWT from Supabase OTP authentication is used for queries made by FlutterFlow's native Supabase integration? I'd really prefer to use the native integration if possible for ease of development.
Any help or insights would be greatly appreciated!
Thanks in advance🤩