Nice, man. That's why in Next.js I run all my Supabase code from a "use server" file, so the code always gets executed from the server (without using the service key). But I'm going to make sure from this video that even if the db url ever did get exposed - they don't mess with it. Thanks
@dave-7117 1 year ago
Lol. That's the same for every single service deployed. If your user has the things needed for Auth, he can do whatever he is allowed to do. If you are worried, make sure to set the correct policies.
@DailyWebCoding 1 year ago
Thanks for the summary of the video 🙂.
@raheemudheen63849 months ago
Bro, I have a doubt: if someone knows my Supabase key, is it enough to access the Supabase project and the database??
@AlimamiHD9 months ago
Thank you for those edge cases ❤
@bioburden4 months ago
The initial diagram you showed with the user going directly to Supabase is incorrect. They will go through the REST API just like your site and just like any REST API in the world that doesn't require auth.
@chensokheng67004 months ago
Yes, I missed the REST API label on the arrow from user to Supabase 😅
@johnyap-r7o10 months ago
Nice info.. can u try self hosted supabase and review?
@Nomoflatland 1 year ago
They could just add some allowed URLs to access our Supabase
@DailyWebCoding 1 year ago
Hopefully they have this feature
@4surajgo 1 year ago
Nice video, man. Just one question: is there a way in Supabase to check if a user is already registered with an email when signing up using email and password? I checked everywhere and couldn't find it. Would appreciate it if you could help with this query.
@NiznArtworks 1 year ago
What do you need it for? Pretty sure the signUp function throws an error if you try to sign up with an existing email
@4surajgo 1 year ago
@NiznArtworks Unfortunately it does not. I am using the new ssr package and it does not throw an error, and as the auth table cannot be read by unauthenticated users, it always sends a 201 response but does not create a new user in the auth.users Supabase table with the same email.
@NiznArtworks 1 year ago
@4surajgo You're right, signing up with the same email actually returns a response which looks like a successful sign up. I think this changed, it used to throw an error. However, it's considered a security issue if you show the user that there's already an account registered to that email, because then someone could check if certain accounts with certain emails exist and try to bruteforce the password, for example. But I do think that Supabase should throw a generic error in that case, otherwise there's no way to handle that in the frontend.
@NiznArtworks 1 year ago
@4surajgo Supabase not returning an error is intended behaviour because of security concerns. But the user data returned by the signUp function is actually not real data. So after calling the signUp function you can use the supabase.auth.admin.getUserById function to check if the user exists or not. If it does not exist, no user has been created and you can show an error in your UI. But I still wouldn't recommend telling the user that an account with that email already exists. Also keep in mind that you need a Supabase client created with the service key to have access to the supabase.auth.admin functions. So don't expose this to the frontend.
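An added example, not part of the original comments and not Supabase's own code: a server-side sign-up handler following the approach described in the comment above, which looks the returned id up through the admin API and sends the browser the same message whether or not the email was already registered. The function names and the in-memory stub clients are hypothetical and constructed for illustration; the stubs assume the behaviour described in the thread (signUp returns a success-shaped response for an existing email, and getUserById finds no user for that id).

```javascript
// Server-side only: adminClient is assumed to be a supabase-js v2 client created
// with the service key, anonClient one created with the public (anon) key.
async function signUpWithoutEnumeration(anonClient, adminClient, email, password) {
  const { data, error } = await anonClient.auth.signUp({ email, password });
  if (error || !data || !data.user) {
    // A real failure (rejected password, rate limit, ...): answer generically.
    return { created: false, clientMessage: "Sign-up failed. Please try again." };
  }
  // For an existing email the returned user is not real data, so ask the admin
  // API whether a user with this id actually exists.
  const lookup = await adminClient.auth.admin.getUserById(data.user.id);
  const created = !lookup.error && Boolean(lookup.data && lookup.data.user);
  // `created` stays on the server (logging, follow-up logic); the browser gets
  // the same text in both cases, so the form cannot be used to probe emails.
  return { created, clientMessage: "Check your inbox to continue." };
}

// Constructed in-memory stand-ins that mimic only the { data, error } shapes
// used above; they are not the real Supabase clients.
function makeStubClients(registeredEmails) {
  const realUsers = new Map(); // id -> stored user
  let nextId = 1;
  const anonClient = { auth: { async signUp({ email }) {
    const id = `constructed-id-${nextId++}`;
    if (!registeredEmails.has(email)) {
      registeredEmails.add(email);
      realUsers.set(id, { id, email });
    }
    // Existing email: same success shape, but the id matches no stored user.
    return { data: { user: { id, email }, session: null }, error: null };
  } } };
  const adminClient = { auth: { admin: { async getUserById(id) {
    const user = realUsers.get(id);
    return user
      ? { data: { user }, error: null }
      : { data: { user: null }, error: { message: "User not found" } };
  } } } };
  return { anonClient, adminClient };
}

async function demo() {
  const taken = new Set(["taken@example.test"]); // constructed sample data
  const { anonClient, adminClient } = makeStubClients(taken);
  const fresh = await signUpWithoutEnumeration(anonClient, adminClient, "new@example.test", "pw-1");
  const dup = await signUpWithoutEnumeration(anonClient, adminClient, "taken@example.test", "pw-2");
  return { fresh, dup };
}
```
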
@Muyiwamighty11 months ago
Good video, makes a lot of sense
@shashishekhar499919 days ago
So you are saying, if the user has the key, they can open the door? Dude, if you don't want this, self-host and restrict IP. What's the big deal here?
@DailyWebCoding19 days ago
You can think of building an app with Supabase like inviting them into your house, so they can try to open any room; we need to make sure we lock the rooms and allow only people with permission to access them. And self-hosting is not very easy to do, and it is costly as well if we do not do it properly; self-hosting is not for everyone 😅.
@shashishekhar499919 days ago
@DailyWebCoding I agree on the self-host part: if you are someone who just learned tech to build something, it is basically impossible to self-host. My idea here is, if you are big enough that someone is poking around different APIs, hire a dev, rebuild in raw Postgres or something. Personally speaking, if I am not in the mood to do MongoDB (my preferred DB for every indie hacker project), I just use Firebase.
@rohan701111 months ago
these policies should be set automatically on any table creation
@DailyWebCoding11 months ago
By default the policy is enabled. But you have to set it up, otherwise no one can perform any actions on your table.
@tananga_studio 1 year ago
Very good video 💚🖤
@DailyWebCoding 1 year ago
Thank you 😁
@darren_baldwin 1 year ago
Lmao literally the same with every backend/api/database out there - stop acting like you know what ur talking about
@DailyWebCoding 1 year ago
I don't get it. Did I say it is different?? Have you watched the video?? Did you get my message from the video?? If not, you should watch it again. Lol