User IDs as strings instead of UUIDs for external auth? #4954
-
Hello - I work for clerk.dev (an authentication service) and we're working to improve our compatibility with Supabase. A key challenge is that our User IDs are strings (prefixed KSUIDs) instead of UUIDs. This is breaking the supabase/docker/volumes/db/init/01-auth-schema.sql Lines 92 to 101 in c8d910a Is there a recommended way to get past this? We'd like to better understand the different options. Currently, our guide omits the We've had three other ideas:
|
Beta Was this translation helpful? Give feedback.
Replies: 17 comments 4 replies
-
It'd be just amazing to have the simple |
Beta Was this translation helpful? Give feedback.
-
Any update on the matter? The provided workaround doesn't work... |
Beta Was this translation helpful? Give feedback.
-
Maybe creating a new policy (like |
Beta Was this translation helpful? Give feedback.
-
The suggested workaround didn't work for me and this is a deal breaker not to be able to implement RLS
userId is coming from
Any update on when the native auth.uid() api call would be working ? |
Beta Was this translation helpful? Give feedback.
-
Hey @colinclerk, sorry for the late reply here.
Can you show a snippet of how would you do that? Not sure if possible since the function signature would have to change as well( As suggested by JonathanPicques, another option would be to add a custom funcion to the |
Beta Was this translation helpful? Give feedback.
-
Hello, just wanted to check if there have been any updates on this or if using the custom function is still the way to go. Thanks! |
Beta Was this translation helpful? Give feedback.
-
@colinclerk I'm also curious if there has been any progress on this topic. |
Beta Was this translation helpful? Give feedback.
-
Would love integrate clerk and supabase in my project but coming across several snags as I'm not great with understanding RLS or SQL in general ): |
Beta Was this translation helpful? Give feedback.
-
Also looking for this! |
Beta Was this translation helpful? Give feedback.
-
Is there any progress on this issue? Seem to take a long time to resolve |
Beta Was this translation helpful? Give feedback.
-
Any news on that? |
Beta Was this translation helpful? Give feedback.
-
First, you'll need to drop the FK from the storage.objects table: ALTER TABLE storage.objects
DROP CONSTRAINT objects_owner_fkey; Here's a possible workaround for converting any text into uuid by hashing it, then formatting as UUID: CREATE OR REPLACE FUNCTION convert_to_uuid(input_value text)
RETURNS uuid AS $$
DECLARE
hash_hex text;
BEGIN
-- Return null if input_value is null or an empty string
IF input_value IS NULL OR NULLIF(input_value, '') IS NULL THEN
RETURN NULL;
END IF;
hash_hex := substring(encode(digest(input_value::bytea, 'sha512'), 'hex'), 1, 36);
RETURN (left(hash_hex, 8) || '-' || right(hash_hex, 4) || '-4' || right(hash_hex, 3) || '-a' || right(hash_hex, 3) || '-' || right(hash_hex, 12))::uuid;
END;
$$ LANGUAGE plpgsql; Then, you could edit the clerk's requesting_user_id function to use this instead: create or replace function requesting_user_id()
returns uuid
language sql stable
as $$
select convert_to_uuid(current_setting('request.jwt.claims', true)::json->>'sub');
$$; |
Beta Was this translation helpful? Give feedback.
-
Can this be picked up and looked at again for proper intergration? You guys are "partners" according to you (Supabase) per your site and claim to be intergrated with each other but this still isn't resolved after 10 months nearly. Storage is still broken and It's not a full intergration of service currently, or it at least needs to be noted in docs from both sides that there is "limited" intergration at least. That's 10 months of devs picking these two as a potential service to find out they are not fully integrated quite a way into a build/test. Edit: I thought this originally brought up in Jan 2023 (only read the Jan part intially), but it was Jan 2022 this was brought to attention. 1 year 10 months this has been a thing. |
Beta Was this translation helpful? Give feedback.
-
shouldn't be required anymore, see supabase/storage#276 (comment) |
Beta Was this translation helpful? Give feedback.
-
Maybe turn it into a separate small dependency that you add only if you're using the combo of "Supabase + clerk" which would include a bunch of functions such as |
Beta Was this translation helpful? Give feedback.
-
Any updates? |
Beta Was this translation helpful? Give feedback.
-
something is "marked as an answer" but does not answer at all /-_-/ In the storage query the id is directly extracted from the "sub", the fucntion"requesting_user_id" is not even called |
Beta Was this translation helpful? Give feedback.
First, you'll need to drop the FK from the storage.objects table:
Here's a possible workaround for converting any text into uuid by hashing it, then formatting as UUID: