Supabase Auth

Auth implementation for the Supabase Potion SDK in Elixir.

Installation

def deps do
  [
    {:supabase_potion, "~> 0.7"},
    {:supabase_auth, "~> 1.0.0"} # x-release-please-version
  ]
end

Quick Start

1. Create a Supabase client:

client = Supabase.init_client!("https://myapp.supabase.co", "myapp-api-key")

1. Use the authentication functions:

# Sign in with email and password
{:ok, session} = Supabase.Auth.sign_in_with_password(client, %{
  email: "user@example.com",
  password: "secure-password"
})

# Get the current user
{:ok, user} = Supabase.Auth.get_user(client, session)

Documentation

• HexDocs - Complete API reference
• Authentication Guide - Authentication methods and integration
• MFA Guide - Multi-Factor Authentication

Authentication Methods

• Sign in with email/password
• Sign in with phone/password
• Sign in with magic link (OTP)
• OAuth (social) authentication
• Single Sign-On (SSO)
• Anonymous sign in
• Multi-factor authentication

Integration Options

Traditional Web Applications (Plug/Phoenix)

# Define your auth module
defmodule MyAppWeb.Auth do
  use Supabase.Auth.Plug,
    endpoint: MyAppWeb.Endpoint,
    signed_in_path: "/app",
    not_authenticated_path: "/login"
end

# In your router
defmodule MyAppWeb.Router do
  import MyAppWeb.Auth

  pipeline :browser do
    plug :fetch_session
    plug :fetch_current_user, client: Supabase.init_client!("https://myapp.supabase.co", "your-anon-key")
  end

  # Public routes
  scope "/", MyAppWeb do
    pipe_through [:browser, :redirect_if_user_is_authenticated]

    get "/login", SessionController, :new
    post "/login", SessionController, :create
  end

  # Protected routes
  scope "/app", MyAppWeb do
    pipe_through [:browser, :require_authenticated_user]

    get "/", DashboardController, :index
  end
end

# In your controller
defmodule MyAppWeb.SessionController do
  use MyAppWeb, :controller
  alias MyAppWeb.Auth

  def create(conn, %{"user" => user_params}) do
    client = Supabase.init_client!("https://myapp.supabase.co", "your-anon-key")

    case Auth.log_in_with_password(conn, client, user_params) do
      {:ok, conn} ->
        conn
        |> put_flash(:info, "Welcome back!")
        |> redirect(to: "/app")

      {:error, reason} ->
        conn
        |> put_flash(:error, "Invalid credentials")
        |> render(:new)
    end
  end
end

Phoenix LiveView Applications

# Define your auth module
defmodule MyAppWeb.Auth do
  use Supabase.Auth.LiveView,
    endpoint: MyAppWeb.Endpoint,
    signed_in_path: "/app",
    not_authenticated_path: "/login"
end

# In your LiveView
defmodule MyAppWeb.DashboardLive do
  use MyAppWeb, :live_view
  alias MyAppWeb.Auth

  def mount(_params, _session, socket) do
    # Assign the Supabase client to the socket
    client = Supabase.init_client!("https://myapp.supabase.co", "your-anon-key")
    socket = Auth.assign_supabase_client(socket, client)

    # socket.assigns.current_user is available here after on_mount
    {:ok, assign(socket, page_title: "Dashboard")}
  end
end

# In your router
live_session :authenticated,
  on_mount: [
    {MyAppWeb.Auth, :mount_current_user},
    {MyAppWeb.Auth, :ensure_authenticated}
  ] do
  live "/dashboard", DashboardLive
end

Examples

Check the Supabase Potion examples showcase for sample applications.