cli icon indicating copy to clipboard operation
cli copied to clipboard

Published 20 hours ago verified publisher icon supabase

Allow auto detection of --no-verify-jwt

Open riderx opened this issue 3 years ago • 2 comments

Feature request

When you update your functions, you have to do folder by folder and most of the time the only function who need --no-verify-jwt you forgot to do it.

This will never change, it can be cool to have a way to set for once. I have made a script who looks into the function folder and deploy all of them To handle my --no-verify-jwt issue, I added an empty file .no-verify-jwt into the folder stripe_event who is the one i need to have this. When my script sees this, it runs the command with the option. Then it's never forgotten.

Describe the solution you'd like

It could be cool to integrate this directly in the CLI

Describe alternatives you've considered

continuing to use my script

riderx avatar Jun 15 '22 23:06 riderx

Thanks for the suggestion! This is likely going to be a config eventually, e.g.:

[functions.my_function]
no_verify_jwt = true

soedirgo avatar Jun 16 '22 07:06 soedirgo

For now what i'm doing to handle this is a script: It read the function folder and deploy all function in it

import { existsSync, readdirSync } from 'fs'
import { promisify } from 'util'
import { exec as execCb } from 'child_process'
import { exit } from 'process'
import { outputFile } from 'fs-extra'
import { supa_url } from './utils.mjs'

const exec = promisify(execCb)
const folders = readdirSync('./supabase/functions')
  .filter(file => !file.startsWith('_'))

const projectRef = supa_url.split('.')[0].replace('https://', '')

try {
  console.log('projectRef', projectRef)
  await outputFile('./supabase/.temp/project-ref', projectRef)
  // for in folders
  for (const folder of folders) {
    const fileNoJWT = `./supabase/functions/${folder}/.no_verify_jwt`
    const fileNoDeploy = `./supabase/functions/${folder}/.no_deploy`
    let command = `supabase functions deploy ${folder}`
    let no_verify_jwt = false
    if (existsSync(fileNoJWT)) {
      command += ' --no-verify-jwt'
      no_verify_jwt = true
    }
    if (!existsSync(fileNoDeploy)) {
      console.log(`Upload ${folder}${no_verify_jwt ? ' no_verify_jwt' : ''}`)
      await exec(command).then((r) => {
        if (r.stderr) {
          console.error(folder, r.stderr)
          exit(1)
        }
        return r
      })
      console.log('Done ✅')
    }
    else {
      console.log('Ignored ⏭')
    }
  }
}
catch (e) {
  console.error(e) // should contain code (exit code) and signal (that caused the termination).
  exit(1)
}

i have also add the option to have no_deploy that allow me to store a demo function in GitHub without pushing it

riderx avatar Jul 28 '22 15:07 riderx

@soedirgo thanks a lot! Where can I found the documentation of the feature?

riderx avatar Jan 12 '23 15:01 riderx

We'll put up the docs on the CLI reference later. You can use it like so:

# supabase/config.toml

[functions.func_a]
verify_jwt = false

[functions.func_b]
verify_jwt = true

Edit: you can find the reference here: https://supabase.com/docs/reference/cli/config#functions.function_name.verify_jwt

soedirgo avatar Jan 12 '23 15:01 soedirgo

It works !

riderx avatar Apr 05 '23 01:04 riderx

I ended up here because I missed this in the docs somehow)

I started to implement a custom directive like use strict that could be parsed during the deploy.

'no-verify-jwt`;

import {server} from '...';

The one advantage here is that it's explicit in the code that the default security is disabled for the endpoint...

ChuckJonas avatar Sep 23 '23 16:09 ChuckJonas