I'm new to Next.js and Supabase. I'm using a webhook from Replicate to receive data from an image generation process. My goal is to store this data in my Supabase database. Here's the function I've written to upload generated images to Supabase:
export async function uploadGeneratedImagesToSupabase(original_image_cloudinary_public_id: string, cloudinary_public_id: string[]) {
const supabase = createClient();
const {data, error} = await supabase
.from('generated_images')
.insert({original_image_cloudinary_public_id, cloudinary_public_id})
.single();
if (error) {
return {error: error};
}
revalidatePath('/create');
return {data: data};
}
I think because the webhook fetches not from within the app supabase doesn't recognize a authenticated user and throws the following error:
error: {
code: '42501',
details: null,
hint: null,
message: 'new row violates row-level security policy for table "generated_images"'
}
Does someone have an idea how to solve this problem or how to work around it?
(Maybe i have to rework my whole structure of recieving data through a webhook)
Thanks!
I already got the information to use service role key to store the data, but how can I then store the generated images with reference to the user that generated the images?
I presume you are receiving the webhook on an endpoint that you have created on Next.js. When initializing Supabase, you can use service role key instead of anon key to initialize Supabase client. An Supabase client initialized with the Service role key can bypass RLS policies.
Note that you should never expose the service role key on the frontend, because a user can access any of the database when they get a hold of it.