Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@caleblawson/auth-supabase

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@caleblawson/auth-supabase

Mastra Supabase Auth integration

latest
npmnpm
Version
0.10.1
Version published
Maintainers
1
Created
Source

@mastra/auth-supabase

A Supabase authentication integration for Mastra, providing seamless authentication and authorization capabilities using Supabase's authentication system.

Installation

npm install @mastra/auth-supabase
# or
yarn add @mastra/auth-supabase
# or
pnpm add @mastra/auth-supabase

Usage

import { Mastra } from '@mastra/core';
import { MastraAuthSupabase } from '@mastra/auth-supabase';

// Initialize with environment variables
const auth = new MastraAuthSupabase();

// Or initialize with explicit configuration
const auth = new MastraAuthSupabase({
  url: 'your-supabase-url',
  anonKey: 'your-supabase-anon-key',
});

// Enable auth in Mastra
const mastra = new Mastra({
  ...
  server: {
    experimental_auth: auth,
  },
});

Configuration

The package can be configured in two ways:

  • Environment Variables:

    • SUPABASE_URL: Your Supabase project URL
    • SUPABASE_ANON_KEY: Your Supabase anonymous key

  • Constructor Options:

    interface MastraAuthSupabaseOptions {
  url?: string;
  anonKey?: string;
}

Features

  • Authentication: Verifies user tokens and retrieves user information from Supabase
  • Authorization: Checks user permissions based on their role in Supabase
  • Type Safety: Full TypeScript support with proper type definitions
  • Environment Variable Support: Easy configuration through environment variables

API

authenticateToken(token: string)

Authenticates a user token and returns the user information if valid.

authorizeUser(user: User)

Checks if a user has the required permissions (currently checks for admin status).

Requirements

  • Node.js 16 or higher
  • Supabase project with authentication enabled
  • Supabase URL and anonymous key

License

Elastic-2.0

FAQs

Package last updated on 20 Jun 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases

Research

/

Security News

Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases

Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.

By Lauren Valencia, Kirill Boychenko  -  Sep 17, 2025
Ongoing Supply Chain Attack Targets CrowdStrike npm Packages

Application Security

/

Research

/

Security News

Ongoing Supply Chain Attack Targets CrowdStrike npm Packages

Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.

By Kush Pandya, Peter van der Zee, Olivia Brown  -  Sep 16, 2025