V3 is coming

[rphlmr]

Discussed in https://github.com/rphlmr/supa-fly-stack/discussions/66

^{Originally posted by **rphlmr** February 17, 2023} Hello there, I'll publish a v3 with some breaking changes on the "auth module". I have launched a new stack with a new way to commit auth session and I want to have the same pattern on every stack I maintain :) Nothing hard to understand but a major change: `requireAuthSession` will no more magically refresh the session in `loader`. Currently: - in `loader` function, If the access_token expires, I refresh it and reload the `loader`. - in `action` function, because we can't reload it, you have to commit the session in every `return json`. In future, you will have to commit the session in `loader` and `action`. Because writing the full header is too long, I have imagined something and will provide [a `response` helper to handle that for you](https://github.com/rphlmr/supa-stripe-stack/blob/e9b68c5148253c8884afdfad19b8c61a91294a23/app/utils/http.server.ts#L115). ```ts export async function loader({ request }: LoaderArgs) { const authSession = await requireAuthSession(request); // maybe a refreshed authSession const { userId } = authSession; try { const notes = await getNotes({ userId }); return response.ok( { notes }, { authSession } // will commit it for you ); } catch (cause) { throw response.error(cause, { authSession }); } } export async function action({ request, params }: ActionArgs) { const authSession = await requireAuthSession(request); // maybe a refreshed authSession const { userId } = authSession; try { await deleteNote(params.id); return response.ok( { success: true }, { authSession } // will commit it for you ); } catch (cause) { return response.error(cause, { authSession }); } } ``` Spoilers: `authSession` will have a `cookie` property that is nothing more than the result of `sessionStorage.commitSession(session, { maxAge: SESSION_MAX_AGE, })`. Then, `response.ok` or `response.error` will put this cookie in headers :) You can check what is coming here: https://github.com/rphlmr/supa-stripe-stack

[dan-cooke]

Hey! nice stack dude!

Would you consider following the docs here https://supabase.com/docs/guides/auth/auth-helpers/remix and using the remix helper library for supabase? (not sure if this existed when you started)

[rphlmr]

Hey! nice stack dude!

Would you consider following the docs here https://supabase.com/docs/guides/auth/auth-helpers/remix and using the remix helper library for supabase? (not sure if this existed when you started)

Thanks 😇

I have one with only Supabase : https://github.com/rphlmr/supa-remix-stack but it is not up to date 😅

[dan-cooke]

Awesome! i'll check it out - I also noticed your benchmarks around using RLS with Supabase... thats a real kicker 200ms delay is not nice.

Do you know if theres a way to avoid going through Gotrue with Supabase, I doubt it - but just wondering!

Really want to use RLS with managed Postgres, just exploring my options at the minute

[rphlmr]

Since this stack, I have built a SAAS project. Server-side, I don't use RLS. I use it front side to use RealTime on tables I want to react on change (for example: on a new mention in a comment, Realtime triggers a Remix revalidator.revalidate() to refresh the notification counter). RLS here helps me to only react if the logged user is concerned.

[rphlmr]

I plan to make a new stack around Supabase, with Drizzle ORM (faster than Prisma, true SQL) and Realtime 🫢

[rphlmr]

I’ll try to use RLS server side in pure SQL when I have time. If I found something reliable, I’ll ping you ;)

[dan-cooke]

@rphlmr I appreciate that! I'll have a look into it myself in the mean time