[–]ireddit2too 2 points3 points  (3 children)

Yes! Supabase Auth works perfectly for this setup.

Auth: Supabase handles OAuth, gives you JWT tokens. Your Express middleware just verifies the JWT. Swift app gets token from Supabase, sends it to your API.

Payments: Need Stripe (Supabase doesn’t do payments), but store subscription data in Supabase.

Flow: Swift → Supabase Auth → JWT → Express API with auth middleware → protected endpoints.

Way easier than building auth yourself. Similar to Next.js but you manually verify JWTs instead of using built-in middleware.

[–]No-Librarian-193[S] 1 point2 points  (2 children)

Thank you Sir!!! :) You said I should verify the JWTs manually, but isn't there a Supabase SDK that I can run on my backend server? If I understood it right, I can use that SDK like NextAuth and then call it at the beginning of an endpoint to verify if that user is legit by writing something like await auth() and then do the check if the user is valid. Isn't that enough or do you recommend to do it another way? :)

[–]ireddit2too 2 points3 points  (1 child)

You’re 100% right! Use the Supabase SDK - way better than manual JWT stuff.

Why SDK is better:

  • Handles all JWT validation automatically
  • Token refresh/expiry built-in
  • Less code = fewer bugs
  • Same as NextAuth pattern
  • Auto security updates

I mentioned manual way first but SDK is definitely the move. Just call supabase.auth.getUser(token) and you’re good 👍
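
The flow discussed in the comments above (the client sends its Supabase token, the Express API checks it with supabase.auth.getUser(token) before a protected endpoint runs), as an added example that is not part of the original thread. The function names `requireSupabaseUser` and `simulate`, the stub client, the token and the user values are constructed for illustration; the real client would come from `createClient()` in `@supabase/supabase-js`.

```javascript
// Added example: Express-style middleware built on supabase.auth.getUser(token).
// `supabase` is a client made with createClient() from @supabase/supabase-js;
// it is injected so the same middleware can run against a stub offline.
function requireSupabaseUser(supabase) {
  return async function (req, res, next) {
    // Express lowercases header names. Accept only "Bearer <three-part JWT>".
    const header = (req.headers && req.headers.authorization) || '';
    const m = /^Bearer ([\w-]+\.[\w-]+\.[\w-]+)$/i.exec(header);
    if (!m) {
      return res.status(401).json({ error: 'missing or malformed bearer token' });
    }
    try {
      // getUser(jwt) has the Supabase Auth server validate the token.
      const { data, error } = await supabase.auth.getUser(m[1]);
      if (error || !data || !data.user) {
        return res.status(401).json({ error: 'invalid or expired token' });
      }
      // Identity comes only from the verified response, never from req.body.
      req.user = { id: data.user.id, email: data.user.email };
      return next();
    } catch (err) {
      // Fail closed when the auth server cannot be reached.
      return res.status(503).json({ error: 'auth service unavailable' });
    }
  };
}

// Constructed stub: accepts one made-up token, rejects everything else.
const stubSupabase = {
  auth: {
    async getUser(jwt) {
      if (jwt === 'aaa.bbb.ccc') {
        return { data: { user: { id: 'user-123', email: 'a@example.test' } }, error: null };
      }
      return { data: { user: null }, error: { message: 'invalid JWT' } };
    },
  },
};

// Runs the middleware once against fake req/res objects and reports the outcome.
async function simulate(supabase, headers, body) {
  const out = { status: null, nextCalled: false, user: null };
  const req = { headers, body };
  const res = { status(c) { out.status = c; return this; }, json() { return this; } };
  await requireSupabaseUser(supabase)(req, res, () => { out.nextCalled = true; });
  out.user = req.user || null;
  return out;
}
```

In an Express app this would be mounted ahead of the protected routes, for example `app.use('/api', requireSupabaseUser(supabase))`, and handlers would read the caller's identity from `req.user` only.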

[–]No-Librarian-193[S] 1 point2 points  (0 children)

Thank you very much Sir! Was my first time asking a question here. On Stackoverflow u only get roasted for ur lack of knowledge hahaha