How Authentication Works

The authentication flow in SvelteBolt is designed to minimize friction for users while ensuring security.

1. Signup Process

  • Users can sign up with:

    • Email: Passwordless authentication using a magic link sent to their email.
    • Social Providers: Log in with Google, GitHub, or other configured providers.
  • Upon signup:

    • A user record is created in the Supabase auth.users table.
    • A corresponding profile is automatically created in the profiles table via a database trigger.

2. Login Process

  • Users log in using:
    • Magic links (email-based).
    • Social providers.
  • On successful login:
    • A JWT is issued to the client for secure communication with the backend.
    • The session is stored and managed by Supabase.

3. Automatic User Profiles

  • The profiles table stores additional user data like name, avatar, and bio.

  • When a new user is created in auth.users, their profile is automatically created using a Supabase trigger:

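    -- Trigger function: inserts a profiles row for each new auth.users row.
    -- SECURITY DEFINER runs it with the function owner's privileges;
    -- the pinned search_path keeps name resolution inside the public schema.
    CREATE FUNCTION public.create_profile()
    RETURNS trigger
    LANGUAGE plpgsql
    SECURITY DEFINER SET search_path = public
    AS $$
    BEGIN
      -- Profile fields are read from the metadata stored with the new user.
      INSERT INTO public.profiles (id, name, bio, avatar)
      VALUES (
        NEW.id,
        NEW.raw_user_meta_data ->> 'name',
        NEW.raw_user_meta_data ->> 'bio',
        NEW.raw_user_meta_data ->> 'avatar'
      );
      RETURN NEW;
    END;
    $$;

    -- Fire the function once for every row inserted into auth.users.
    CREATE TRIGGER create_profile_trigger
    AFTER INSERT ON auth.users
    FOR EACH ROW EXECUTE PROCEDURE public.create_profile();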
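
The trigger above copies `raw_user_meta_data` into `profiles` unchanged, and in Supabase that metadata is supplied by the client at signup. A hardened variant follows as an added example (not SvelteBolt's own code); the length limits, the https-only avatar rule, and `profiles.id` being the primary key are assumptions.

```sql
-- Added example: drop-in replacement body for public.create_profile().
-- Assumptions (not from the original page): profiles.id is the primary key,
-- name is capped at 100 chars, bio at 500, avatar at 2048 and https only.
CREATE OR REPLACE FUNCTION public.create_profile()
RETURNS trigger
LANGUAGE plpgsql
SECURITY DEFINER SET search_path = public
AS $$
DECLARE
  -- Metadata may be NULL for some signups; normalise to an empty object.
  meta     jsonb := COALESCE(NEW.raw_user_meta_data, '{}'::jsonb);
  v_name   text  := NULLIF(btrim(meta ->> 'name'), '');
  v_bio    text  := NULLIF(btrim(meta ->> 'bio'), '');
  v_avatar text  := btrim(meta ->> 'avatar');
BEGIN
  -- Client-supplied values: bound them instead of raising an error, because
  -- an exception in this trigger aborts the auth.users insert and so the
  -- signup itself.
  IF v_avatar IS NULL
     OR length(v_avatar) > 2048
     OR v_avatar !~* '^https://[^[:space:]]+$' THEN
    v_avatar := NULL;  -- rejects javascript:, data:, http: and blank values
  END IF;

  INSERT INTO public.profiles (id, name, bio, avatar)
  VALUES (
    NEW.id,
    left(v_name, 100),
    left(v_bio, 500),
    v_avatar
  )
  -- A profile row that already exists must not fail the signup transaction.
  ON CONFLICT (id) DO NOTHING;

  RETURN NEW;
END;
$$;
```

Because the existing trigger refers to the function by name, `CREATE OR REPLACE` takes effect without recreating `create_profile_trigger`. Output encoding still applies wherever `name` and `bio` are rendered.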