Feature Request: Add Official Supabase Support

logto-io / logto

🧑‍🚀 The better identity infrastructure for developers and the open-source alternative to Auth0.

https://logto.io

Mozilla Public License 2.0

8.67k stars 440 forks source link

Feature Request: Add Official Supabase Support #1797

Open About7Deaths opened 2 years ago

About7Deaths commented 2 years ago

What problem did you meet?

It is unclear if Supabase is properly / fully supported. The authentication flow I have in mind is using Logto as the identity and authentication server for the login page of my application, which would then redirect to an application dashboard populated by the various Supabase database features (besides their built-in authentication).

Describe what you'd like Logto to have

I am unsure if changes only need to be made to Supabase, or additionally to Logto. To facilitate further discussion of this problem, I created an issue on the Superbase repository requesting that they add support for Logto OIDC - see Issue 407 Reference.

gao-sun commented 2 years ago

thank you! really cool idea

baderdean commented 2 years ago

Hello,

is there some updates to this feature request? Supabase uses Gotrue yet the IAM part is very basic. I rather prefer a proper solution like Logto for a better user experience.

gao-sun commented 2 years ago

@baderdean yes! we're looking at it. we are new to supabase and its integration process takes more time than we expected. will keep you posted.

gao-sun commented 2 years ago

After some investigation, before Logto has a "custom token signing" feature, I think it's pretty close to the Auth0 integration:

Since:

For now Logto cannot be used as a third-party identity provider
For the first-party integration, you also need to manually sign the JWT after user signed in

Replace the Auth0 part with Logto and it'll be good I suppose. @wangsijie would you like to double check when you have time? thanks.

wangsijie commented 2 years ago

Replace the Auth0 part with Logto will work! But I am not sure whether this can solve your problem. @About7Deaths In this way, Logto will take place the whole built-in authentication provided by Supabase, as for authorization, some fetures like "Row Level Security" will still be available, but the other parts like "Managing User Data" may not work.

github-actions[bot] commented 1 year ago

This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

baderdean commented 1 year ago

Too bad it has been closed as not planned. We're going for GoTrue then.

gao-sun commented 1 year ago

Too bad it has been closed as not planned. We're going for GoTrue then.

ah the auto close is unexpected

wangsijie commented 1 year ago

@baderdean @About7Deaths After a further investigation, I am sure that @gao-sun's conclusion works, can it solve your problem?

baderdean commented 1 year ago

We're using Supabase Gotrue because it was easier but still unhappy about many stuff like: no default UI, no nice email templates, no ability to have multi-social login account linked to the auth account, no ability to get additional credentials besides the basic ones during auth (for example accessing the contact lists)