Add auth helper functions (uid, role, jwt) to init.sql

These functions are normally created by GoTrue but our init.sql runs first. Needed for RLS policies that use auth.uid(). Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-26 12:12:33 +01:00 · 2026-01-26 12:12:33 +01:00 · ce3239598d
parent 679f278075
commit ce3239598d
1 changed files with 41 additions and 0 deletions
--- a/deploy/init.sql
+++ b/deploy/init.sql
@ -97,6 +97,47 @@ ALTER DATABASE postgres SET search_path TO public, extensions;
 CREATE EXTENSION IF NOT EXISTS "uuid-ossp" WITH SCHEMA extensions;
 CREATE EXTENSION IF NOT EXISTS "pgcrypto" WITH SCHEMA extensions;

+-- ============================================
+-- AUTH HELPER FUNCTIONS
+-- These are normally created by GoTrue, but we need them for RLS policies
+-- ============================================
+
+-- Get current user ID from JWT
+CREATE OR REPLACE FUNCTION auth.uid()
+RETURNS UUID
+LANGUAGE sql
+STABLE
+AS $$
+  SELECT COALESCE(
+    current_setting('request.jwt.claim.sub', true),
+    (current_setting('request.jwt.claims', true)::jsonb ->> 'sub')
+  )::uuid
+$$;
+
+-- Get current user role from JWT
+CREATE OR REPLACE FUNCTION auth.role()
+RETURNS TEXT
+LANGUAGE sql
+STABLE
+AS $$
+  SELECT COALESCE(
+    current_setting('request.jwt.claim.role', true),
+    (current_setting('request.jwt.claims', true)::jsonb ->> 'role')
+  )::text
+$$;
+
+-- Get JWT claim value
+CREATE OR REPLACE FUNCTION auth.jwt()
+RETURNS JSONB
+LANGUAGE sql
+STABLE
+AS $$
+  SELECT COALESCE(
+    current_setting('request.jwt.claims', true)::jsonb,
+    '{}'::jsonb
+  )
+$$;
+
 -- ============================================
 -- MIGRATION 001: Initial Schema
 -- ============================================