ADeus icon indicating copy to clipboard operation
ADeus copied to clipboard

Published 20 hours ago verified publisher icon adamcohenhillel

Use server-side auth

Open troutowicz opened this issue 1 year ago • 5 comments

  • use server-side auth
  • remove supabase url and anon key login fields
  • create route /login
  • fix /login form
  • updated /login help link

With these changes, the supabase URL and anon key have been moved to env variables. Server-side auth opens up an easier path to refactoring supabase calls behind API routes.

troutowicz avatar Feb 25 '24 17:02 troutowicz

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
ad-deus ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 25, 2024 6:09pm

vercel[bot] avatar Feb 25 '24 17:02 vercel[bot]

hey @troutowicz ,

Appreciate the contribution a lot! but the client-side auth (+ client-side app entirely) and the user-configureable supabase URL and anon key was actually intentional, for the following reasons:

  1. Client-side: this is a web app, yes - but it is also a mobile app, converted using CapacitorJS. For capacitor to be able to run this Javascript as a native app as well, it needs to be all client-side.

  2. Supabase details: this is more of a "logic" decision. Because this is open-source-first project, where everyone can deploy their own Supabase backend, we wanted to let them use the frontend/client without running it themselves (i.e., going to https://adeus.ai and be able to use their own backend). This becomes more important with the native-mobile, where uploading a native mobile app to your phone is more complicated than just running a nextjs app. This way, people can just use the "official" deployed frontend on the web or on the app stores, with their own backend.

With that being said, I agree it is a bit messy and laggy. I am more than happy to see how we can improve it (I think @Jacksonmills was trying to make some edits to the hooks, etc) - but just bear in mind the constraints

What do you think?

adamcohenhillel avatar Feb 26 '24 12:02 adamcohenhillel

I talk about this a bit in this issue https://github.com/adamcohenhillel/ADeus/issues/19, but yeah as I have also learned about capacitorJS we need the entire app to be client only https://nextjs.org/docs/pages/building-your-application/deploying/static-exports#unsupported-features

@troutowicz would love your input on the issue I mentioned, I had some ideas about creating the client first then logging in, maybe we can refactor to make the client work a bit cleaner, would love your input/help if you'd like to

Jacksonmills avatar Feb 26 '24 14:02 Jacksonmills

Hmm, these are indeed strict constraints. Fair. There will be another half of users that want something owned by them, with a backend, though. Perhaps there should be a couple offerings for the application.

From my perspective, I would never use the mobile apps. The web app is simple enough that I'd access through my deployed web app instance for mobile and desktop.

troutowicz avatar Feb 26 '24 15:02 troutowicz

@Jacksonmills regarding #19, this is an easy fix tweaking some local state. Will open a PR for you.

troutowicz avatar Feb 26 '24 15:02 troutowicz