Spaces:

kamau1
/

swiftops-backend

Sleeping

App Files Files Community

swiftops-backend / docs /dev /supabase /SUPABASE_EMAIL_CONFIRMATION.md

kamau1

chore: migrate to useast organize the docs, delete redundant migrations

c4f7e3e 3 months ago

preview code

raw

history blame contribute delete

3.47 kB

Supabase Email Confirmation Setup

Issue

By default, Supabase requires users to confirm their email before they can login. This causes the error:

Email not confirmed

Solutions

Option 1: Disable Email Confirmation (Recommended for Development)

Go to Supabase Dashboard
Select your project
Navigate to Authentication → Settings
Scroll to "Email Auth" section
Find "Enable email confirmations"
Uncheck/Disable it
Save changes

Pros:

Users can login immediately after registration
No email setup required
Faster development/testing

Cons:

Less secure (anyone can register with any email)
No email verification

Option 2: Auto-Confirm Users via Service Role (Backend)

Use the Supabase Admin API to auto-confirm users after registration.

Update src/app/core/supabase_auth.py:

async def sign_up(self, email: str, password: str, user_metadata: Optional[Dict[str, Any]] = None) -> Dict[str, Any]:
    try:
        # Create user
        response = self.client.auth.sign_up({
            "email": email,
            "password": password,
            "options": {
                "data": user_metadata or {}
            }
        })
        
        # Auto-confirm user using admin API
        if response.user:
            self.client.auth.admin.update_user_by_id(
                response.user.id,
                {"email_confirm": True}
            )
        
        return {
            "user": response.user,
            "session": response.session
        }
    except Exception as e:
        logger.error(f"Sign up error: {str(e)}")
        raise

Pros:

Users can login immediately
Email confirmation can be added later
More control over user activation

Cons:

Requires service role key
More complex code

Option 3: Enable Email Confirmation (Production)

For production, you should enable email confirmation and configure email templates.

Enable Email Confirmation in Supabase Dashboard
Configure Email Templates:
- Go to Authentication → Email Templates
- Customize "Confirm signup" template
- Set redirect URL to your frontend
Update Frontend:
- Show "Check your email" message after registration
- Handle email confirmation callback
Update Backend:
- Return appropriate message when email not confirmed
- Provide "Resend confirmation email" endpoint

Current Setup

Your backend is configured to work with Option 1 (email confirmation disabled).

To test immediately:

Disable email confirmation in Supabase Dashboard
Run tests: node tests/integration/test_auth_api.js

Testing

After disabling email confirmation, test the flow:

# Register new user
curl -X POST https://kamau1-swiftops-backend.hf.space/api/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "email": "test@example.com",
    "password": "TestPass123",
    "first_name": "Test",
    "last_name": "User"
  }'

# Login immediately (no email confirmation needed)
curl -X POST https://kamau1-swiftops-backend.hf.space/api/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "test@example.com",
    "password": "TestPass123"
  }'

Recommendation

For development/testing: Use Option 1 (disable email confirmation) For production: Use Option 3 (enable email confirmation with proper email setup)