forked from supabase/auth
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: define search path in auth functions (supabase#1616)
## What kind of change does this PR introduce? * Set search_path to empty string in all auth functions
- Loading branch information
1 parent
70aebdd
commit c7061b2
Showing
1 changed file
with
43 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
-- set the search_path to an empty string to force fully qualified names in the function | ||
do $$ | ||
begin | ||
-- auth.uid() function | ||
create or replace function auth.uid() | ||
returns uuid | ||
set search_path to '' | ||
as $func$ | ||
select nullif(current_setting('request.jwt.claim.sub', true), '')::uuid; | ||
$func$ language sql stable; | ||
|
||
-- auth.role() function | ||
create or replace function {{ index .Options "Namespace" }}.role() | ||
returns text | ||
set search_path to '' | ||
as $func$ | ||
select nullif(current_setting('request.jwt.claim.role', true), '')::text; | ||
$func$ language sql stable; | ||
|
||
-- auth.email() function | ||
create or replace function {{ index .Options "Namespace" }}.email() | ||
returns text | ||
set search_path to '' | ||
as $func$ | ||
select | ||
coalesce( | ||
current_setting('request.jwt.claim.email', true), | ||
(current_setting('request.jwt.claims', true)::jsonb ->> 'email') | ||
)::text | ||
$func$ language sql stable; | ||
|
||
-- auth.jwt() function | ||
create or replace function {{ index .Options "Namespace" }}.jwt() | ||
returns jsonb | ||
set search_path to '' | ||
as $func$ | ||
select | ||
coalesce( | ||
nullif(current_setting('request.jwt.claim', true), ''), | ||
nullif(current_setting('request.jwt.claims', true), '') | ||
)::jsonb; | ||
$func$ language sql stable; | ||
end $$; |