Spaces:
Sleeping
Sleeping
| # Supabase Email Confirmation Setup | |
| ## Issue | |
| By default, Supabase requires users to confirm their email before they can login. This causes the error: | |
| ``` | |
| Email not confirmed | |
| ``` | |
| ## Solutions | |
| ### Option 1: Disable Email Confirmation (Recommended for Development) | |
| 1. Go to [Supabase Dashboard](https://supabase.com/dashboard) | |
| 2. Select your project | |
| 3. Navigate to **Authentication** → **Settings** | |
| 4. Scroll to **"Email Auth"** section | |
| 5. Find **"Enable email confirmations"** | |
| 6. **Uncheck/Disable it** | |
| 7. Save changes | |
| **Pros:** | |
| - Users can login immediately after registration | |
| - No email setup required | |
| - Faster development/testing | |
| **Cons:** | |
| - Less secure (anyone can register with any email) | |
| - No email verification | |
| ### Option 2: Auto-Confirm Users via Service Role (Backend) | |
| Use the Supabase Admin API to auto-confirm users after registration. | |
| Update `src/app/core/supabase_auth.py`: | |
| ```python | |
| async def sign_up(self, email: str, password: str, user_metadata: Optional[Dict[str, Any]] = None) -> Dict[str, Any]: | |
| try: | |
| # Create user | |
| response = self.client.auth.sign_up({ | |
| "email": email, | |
| "password": password, | |
| "options": { | |
| "data": user_metadata or {} | |
| } | |
| }) | |
| # Auto-confirm user using admin API | |
| if response.user: | |
| self.client.auth.admin.update_user_by_id( | |
| response.user.id, | |
| {"email_confirm": True} | |
| ) | |
| return { | |
| "user": response.user, | |
| "session": response.session | |
| } | |
| except Exception as e: | |
| logger.error(f"Sign up error: {str(e)}") | |
| raise | |
| ``` | |
| **Pros:** | |
| - Users can login immediately | |
| - Email confirmation can be added later | |
| - More control over user activation | |
| **Cons:** | |
| - Requires service role key | |
| - More complex code | |
| ### Option 3: Enable Email Confirmation (Production) | |
| For production, you should enable email confirmation and configure email templates. | |
| 1. **Enable Email Confirmation** in Supabase Dashboard | |
| 2. **Configure Email Templates**: | |
| - Go to **Authentication** → **Email Templates** | |
| - Customize "Confirm signup" template | |
| - Set redirect URL to your frontend | |
| 3. **Update Frontend**: | |
| - Show "Check your email" message after registration | |
| - Handle email confirmation callback | |
| 4. **Update Backend**: | |
| - Return appropriate message when email not confirmed | |
| - Provide "Resend confirmation email" endpoint | |
| ## Current Setup | |
| Your backend is configured to work with **Option 1** (email confirmation disabled). | |
| To test immediately: | |
| 1. Disable email confirmation in Supabase Dashboard | |
| 2. Run tests: `node tests/integration/test_auth_api.js` | |
| ## Testing | |
| After disabling email confirmation, test the flow: | |
| ```bash | |
| # Register new user | |
| curl -X POST https://kamau1-swiftops-backend.hf.space/api/v1/auth/register \ | |
| -H "Content-Type: application/json" \ | |
| -d '{ | |
| "email": "test@example.com", | |
| "password": "TestPass123", | |
| "first_name": "Test", | |
| "last_name": "User" | |
| }' | |
| # Login immediately (no email confirmation needed) | |
| curl -X POST https://kamau1-swiftops-backend.hf.space/api/v1/auth/login \ | |
| -H "Content-Type: application/json" \ | |
| -d '{ | |
| "email": "test@example.com", | |
| "password": "TestPass123" | |
| }' | |
| ``` | |
| ## Recommendation | |
| For development/testing: **Use Option 1** (disable email confirmation) | |
| For production: **Use Option 3** (enable email confirmation with proper email setup) | |