What does HackerNews think of gotrue?
A JWT-based API for managing users and issuing JWT tokens
You can see how it fits into the full Supabase Architecture here: https://supabase.com/docs/guides/getting-started/architectur...
Keycloak is definitely more setup and a bit more clunky. I've never deployed Authentik though, I really need to kick the wheels on it and see how it works.
BTW in the simple auth/login space there is also:
- Keratin[0]
- GoTrue[1] (and Supabase's improved version[2])
- Authelia[3]
[0]: https://keratin.github.io/authn-server/#/
[1]: https://github.com/netlify/gotrue
Inside your RLS Policies you can use anything stored inside the JWT. My cofounder made a video [1] on this which is quite concise. Our way of handling this is just an extension of the PostgREST Auth recommendations: https://postgrest.org/en/v9.0/auth.html
[0] Auth server: https://github.com/supabase/gotrue
[1] RLS Video: https://supabase.com/docs/learn/auth-deep-dive/auth-row-leve...
You can! A lot of people do. Or you can use the Auth server directly: https://github.com/supabase/gotrue
https://github.com/netlify/gotrue/pull/254
tbh, our fork[1] has deviated a bit from Netlify's so we need to spend some time with them upstreaming any changes that they would want to merge (perhaps magic links, Azure logins, OAuth scopes).
Long term, I think we will need to run 2 different forks because we have different requirements for multi-tenant. So the benefit here would be sharing "OAuth providers" (e.g., if we add Okta, we upstream it; if they add Twitter logins, we pull it).
> magic link
We have this one available here:
https://supabase.io/docs/reference/javascript/auth-signin#si...
We don't have OTP, but that's a great idea - something we can add to GoTrue (https://github.com/supabase/gotrue)
This is a real-time Slack clone built with Postgres' Row Level Security. It's a simple POC, and you can deploy your own, which takes a few minutes. The database, auth, real-time, and APIs are handled by Supabase, which is an open source Firebase alternative (disclaimer: I work at Supabase). The front end is built with Next.js, deployed on Vercel.
Supabase just released Auth. We use Netlify's GoTrue[1] for authentication. When you spin up a Postgres database on our platform we populate it with an auth schema, turn on the relevant extensions, and add some helper functions - signup, login, etc. When a user signs up to your app, they are assigned a UUID and issued a JWT, which contains the role `authenticated` and their UUID. We can use these details to provide fine-grained authorization for each user using Postgres' Row Level Security.
RLS is a bit confusing at first, so the next month's work will be improving our Auth system to make it extremely simple to use. And documentation :)
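
The authorization pattern these comments describe (a JWT carrying the role `authenticated` and the user's UUID, checked by Postgres Row Level Security), as an added example that is not from the comments or from Supabase's code. The `messages` table, the `jwt_sub()` helper, the policy names and the UUID are hypothetical, and it assumes the verified claims reach SQL as JSON in the `request.jwt.claims` setting, the convention PostgREST documents.

```sql
-- Added example; run as a superuser in a scratch database.
-- Table, helper and policy names are hypothetical.
create role authenticated nologin;   -- the role named in the JWT's "role" claim

create table messages (
  id      bigint generated always as identity primary key,
  user_id uuid not null,
  body    text not null
);
grant select, insert on messages to authenticated;

-- With RLS enabled and no matching policy, the role sees and writes nothing.
alter table messages enable row level security;

-- Assumption: the API layer has already verified the JWT signature and put
-- the claims, as JSON text, into the request.jwt.claims setting.
-- nullif() covers the empty string a custom setting holds after a reset.
create function jwt_sub() returns uuid language sql stable as $$
  select (nullif(current_setting('request.jwt.claims', true), '')::json ->> 'sub')::uuid
$$;

-- Read and write only rows whose user_id equals the UUID in the "sub" claim.
create policy messages_select_own on messages
  for select to authenticated
  using (user_id = jwt_sub());

create policy messages_insert_own on messages
  for insert to authenticated
  with check (user_id = jwt_sub());

-- Simulate one request by hand with constructed claims.
begin;
select set_config('request.jwt.claims',
  '{"role":"authenticated","sub":"11111111-1111-1111-1111-111111111111"}',
  true);                              -- true = local to this transaction
set local role authenticated;
insert into messages (user_id, body)
  values ('11111111-1111-1111-1111-111111111111', 'hello');  -- passes WITH CHECK
select id, body from messages;        -- filtered by the USING clause
-- An insert carrying any other user_id is rejected by messages_insert_own.
commit;
```

The policies trust whatever is in the setting, so the role used for API requests should only ever receive claims from a token whose signature has been verified upstream.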