Julian Tabel
0a519e356e
Add user authentication with login/signup/protected routes, boss pokemon detail fields and result team tracking, moves and abilities selector components and API, run ownership and visibility controls, and various UI improvements across encounters, run list, and journal pages. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
4.1 KiB
4.1 KiB
Supabase Auth Setup
This guide walks through setting up Supabase authentication for local development.
1. Create a Supabase Project
- Go to supabase.com and sign in
- Click "New project"
- Choose your organization, enter a project name (e.g.,
nuzlocke-tracker-dev), and set a database password - Select a region close to you
- Wait for the project to finish provisioning
2. Get Your Project Credentials
From the Supabase dashboard:
- Go to Project Settings > API
- Copy the following values:
- Project URL ->
SUPABASE_URL/VITE_SUPABASE_URL - anon public key ->
SUPABASE_ANON_KEY/VITE_SUPABASE_ANON_KEY
- Project URL ->
- Go to Project Settings > API > JWT Settings
- Copy the JWT Secret ->
SUPABASE_JWT_SECRET
3. Enable Email/Password Auth
- Go to Authentication > Providers
- Ensure Email provider is enabled (it's enabled by default)
- Configure options as needed:
- Confirm email: Enable for production, disable for local dev convenience
- Secure email change: Recommended enabled
4. Configure Google OAuth
Google Cloud Console Setup
- Go to Google Cloud Console
- Create a new project or select an existing one
- Go to APIs & Services > OAuth consent screen
- Choose "External" user type
- Fill in app name, user support email, and developer contact
- Add scopes:
email,profile,openid - Add test users if in testing mode
- Go to APIs & Services > Credentials
- Click Create Credentials > OAuth client ID
- Select "Web application"
- Add authorized redirect URIs:
https://<your-project-ref>.supabase.co/auth/v1/callback- For local dev:
http://localhost:5173/auth/callback
- Copy the Client ID and Client Secret
Supabase Setup
- Go to Authentication > Providers > Google
- Enable the provider
- Paste the Client ID and Client Secret from Google
- Save
5. Configure Discord OAuth
Discord Developer Portal Setup
- Go to Discord Developer Portal
- Click New Application and give it a name
- Go to OAuth2 > General
- Add redirect URIs:
https://<your-project-ref>.supabase.co/auth/v1/callback- For local dev:
http://localhost:5173/auth/callback
- Copy the Client ID and Client Secret
Supabase Setup
- Go to Authentication > Providers > Discord
- Enable the provider
- Paste the Client ID and Client Secret from Discord
- Save
6. Configure Environment Variables
Backend (.env)
SUPABASE_URL=https://your-project-ref.supabase.co
SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
SUPABASE_JWT_SECRET=your-jwt-secret-from-dashboard
Frontend (.env)
VITE_SUPABASE_URL=https://your-project-ref.supabase.co
VITE_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
7. Configure Redirect URLs
In Supabase Dashboard:
- Go to Authentication > URL Configuration
- Set Site URL:
http://localhost:5173(for local dev) - Add Redirect URLs:
http://localhost:5173/auth/callbackhttp://localhost:5173/**(for flexibility during dev)
For production, add your production URLs here as well.
Verification
After setup, you can verify by:
- Starting the app with
docker compose up - Navigating to the login page
- Testing email/password signup
- Testing Google and Discord OAuth flows
Troubleshooting
"Invalid redirect URI" error
- Ensure the callback URL in your OAuth provider matches exactly what Supabase expects
- Check that your Site URL in Supabase matches your app's URL
"JWT verification failed"
- Verify
SUPABASE_JWT_SECRETmatches the one in your Supabase dashboard - Ensure there are no trailing spaces in your environment variables
OAuth popup closes without logging in
- Check browser console for errors
- Verify the OAuth provider is properly enabled in Supabase
- Ensure redirect URLs are correctly configured in both the OAuth provider and Supabase