Giters

supabase / auth

A JWT based API for managing users and issuing JWT tokens

Home Page:https://supabase.com/docs/guides/auth

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Raising an exception on postgress via triggers doesn't send the message to the API response

therealsujitk opened this issue · comments

commented

Bug report

  • I confirm this is a bug with Supabase, not with my own application.
  • I confirm I have searched the Docs, GitHub Discussions, and Discord.

Describe the bug

Note

The reason I'm adding this as a bug and not a feature request is because after researching how to go about this, I found a PR of what I wanted has already been merged, but doesn't seem to work. ~ #404

In PostgREST, it's possible to raise an exception with a custom message and status code which gets added to the API response. Here's an example, source

CREATE OR REPLACE FUNCTION "public"."just_fail"()
  RETURNS trigger
  LANGUAGE plpgsql
  AS $$
BEGIN
  RAISE EXCEPTION 'I refuse!'
    USING DETAIL = 'Pretty simple',
          HINT = 'There is nothing you can do.';
  return new
END
$$;

Now when you call this function using a trigger like so,

CREATE TRIGGER "reject_movie_additions"
  AFTER INSERT ON "public"."movies"
  FOR EACH ROW
  EXECUTE PROCEDURE "public"."just_fail"();

So when you try inserting a record using supabaseClient.find('movies').insert(), the API response comes out like,

{
  "message":"I refuse!",
  "details":"Pretty simple",
  "hint":"There is nothing you can do.",
  "code":"P0001"
}

However, when you add a trigger like this to auth.users. It returns a generic error message "Database error saving new user".

To Reproduce

Steps to reproduce the behavior, please provide code snippets or a repository:

  1. Create a function that raises an exception. 
    CREATE OR REPLACE FUNCTION "public"."just_fail"()
  RETURNS trigger
  LANGUAGE plpgsql
  SECURITY DEFINER SET search_path = ''
  AS $$
BEGIN
  RAISE EXCEPTION 'I refuse!'
    USING DETAIL = 'Pretty simple',
          HINT = 'There is nothing you can do.';
  return new
END
$$;
  2. Create a trigger on auth.users that calls this function. 
    CREATE TRIGGER "reject_registrations"
  AFTER INSERT ON "auth"."users"
  FOR EACH ROW
  EXECUTE PROCEDURE "public"."just_fail"();
  3. Try registering as a new user using supabaseClient.auth.signUp().
  4. You'll get a generic error message. 
    {
  "code": "unexpected_failure",
  "status": 500,
  "message": "Database error saving new user"
}

Expected behavior

It would be convenient if we could add a custom error message using postgres exceptions. I understand we might not want to send back every exception since that could leak information, but maybe we can have a check to see if the exception passes some criteria (ex: has certain sqlstate codes) and then pass it on to the response.

Screenshots

None

System information

  • OS: MacOS
  • Browser: Brave Browser
  • Version of supabase-js: v2.43.4
  • Version of Node.js: v20.13.1

Additional context

Related Issue - #271
Related Pull Request - #404
Similar Issue - supabase/storage#373

commented

Supabase Auth is not PostgREST. This will not be supported, and similar behavior will be achieved with account-level hooks (before/after sign-up, sign-in, etc.) which are planned.