ENG-989: Prune and describe client options (#508)

maparent · web-flow · commit 1ef50c9b1712 · 2025-10-26T12:19:34.000-04:00
diff --git a/apps/website/app/utils/supabase/client.ts b/apps/website/app/utils/supabase/client.ts
diff --git a/apps/website/app/utils/supabase/middleware.ts b/apps/website/app/utils/supabase/middleware.ts
@@ -2,6 +2,9 @@ import { createServerClient } from "@supabase/ssr";
 import { NextResponse, type NextRequest } from "next/server";
 import { envContents } from "@repo/database/dbDotEnv";
 
+// This would allow to create Next pages gated by a login middleware,
+// as described here: https://nextjs.org/docs/app/api-reference/file-conventions/middleware
+// Not usable yet, waiting for ENG-373
 // Inspired by https://supabase.com/ui/docs/nextjs/password-based-auth
 
 export const updateSession = async (request: NextRequest) => {
@@ -17,10 +20,8 @@ export const updateSession = async (request: NextRequest) => {
 
   const supabase = createServerClient(supabaseUrl, supabaseKey, {
     cookies: {
-      getAll() {
-        return request.cookies.getAll();
-      },
-      setAll(cookiesToSet) {
+      getAll: () => request.cookies.getAll(),
+      setAll: (cookiesToSet) => {
         cookiesToSet.forEach(({ name, value }) =>
           request.cookies.set(name, value),
         );
diff --git a/apps/website/app/utils/supabase/server.ts b/apps/website/app/utils/supabase/server.ts
@@ -3,6 +3,7 @@ import { cookies } from "next/headers";
 import type { Database } from "@repo/database/dbTypes";
 import { envContents } from "@repo/database/dbDotEnv";
 
+// This is a supabase client to be used in a server process such as NextJS
 // Inspired by https://supabase.com/ui/docs/nextjs/password-based-auth
 
 export const createClient = async () => {
@@ -18,16 +19,16 @@ export const createClient = async () => {
   // following https://supabase.com/docs/guides/auth/server-side/creating-a-client?queryGroups=environment&environment=server
   return createServerClient<Database>(supabaseUrl, supabaseKey, {
     cookies: {
-      getAll() {
+      getAll: () => {
         return cookieStore.getAll();
       },
-      setAll(
+      setAll: (
         cookiesToSet: {
           name: string;
           value: string;
           options: CookieOptions;
         }[],
-      ) {
+      ) => {
         try {
           cookiesToSet.forEach(
             ({
diff --git a/packages/database/supabase/functions/create-space/index.ts b/packages/database/supabase/functions/create-space/index.ts
@@ -220,6 +220,9 @@ Deno.serve(async (req) => {
       headers: { "Content-Type": "application/json" },
     });
   }
+  // note: If we wanted this to be bound by permissions, we'd set the following options:
+  // { global: { headers: { Authorization: req.headers.get('Authorization')! } } }
+  // But the point here is to bypass RLS
   const supabase: DGSupabaseClient = createClient(url, key);
 
   const { data, error } = await processAndGetOrCreateSpace(supabase, input);

Original file line number	Diff line number	Diff line change
`@@ -220,6 +220,9 @@ Deno.serve(async (req) => {`
`220`	`220`	`headers: { "Content-Type": "application/json" },`
`221`	`221`	`});`
`222`	`222`	`}`
	`223`	`+ // note: If we wanted this to be bound by permissions, we'd set the following options:`
	`224`	`+ // { global: { headers: { Authorization: req.headers.get('Authorization')! } } }`
	`225`	`+ // But the point here is to bypass RLS`
`223`	`226`	`const supabase: DGSupabaseClient = createClient(url, key);`
`224`	`227`
`225`	`228`	`const { data, error } = await processAndGetOrCreateSpace(supabase, input);`