Preface

• Who this book is for
• What this book covers
• To get the most out of this book
• Download the example code files
• Conventions used
• Get in touch
• Join Us on Discord
• Share Your Thoughts

1. Part 1:Creating the Foundations of the Ticket System App

2. Chapter 1: Unveiling the Inner Workings of Supabase and Introducing the Book’s Project FREE CHAPTER

• Technical requirements (and some preamble)
• Understanding why Supabase is the stack you want
• Demystifying the inner workings of Supabase with Postgres
• Supabase Studio – the convenient web dashboard
• Supabase Auth (GoTrue) – the authentication handler
• PostgREST – a REST and GraphQL API for your database
• Realtime – elevating the user experience
• Storage – simple and scalable object storage
• Image Proxy – helping to transform images on the fly
• Edge Functions – completing the optimization stack
• pg-meta – an internal helper service for the database
• Kong – the overarching service orchestrator
• Introducing the production-grade ticket system project
• Summary

3. Chapter 2: Setting Up Supabase with Next.js

• Technical requirements
• Getting ready with Next.js
• Installing the Supabase CLI
• Running your first Supabase instance on your machine
• Managing multiple local Supabase instances
• Connecting to Supabase with the Supabase JavaScript client
• Connecting directly to the database
• Using Supabase with TypeScript
• Connecting Supabase to other frameworks
• Summary

4. Chapter 3: Creating the Ticket Management Pages, Layout, and Components

• Technical requirements
• Setting up Pico.css with Next.js
• Building the login form
• Visualizing the Ticket Management UI
• Creating a shared UI layout with navigation elements
• Designing the Ticket List page
• Constructing the Ticket Details page
• Implementing a page to create a new ticket
• Implementing a user overview
• Enhancing the navigation component
• Summary

5. Part 2: Adding Multi-Tenancy and Learning RLS

6. Chapter 4: Adding Authentication and Application Protection

• Technical requirements
• Adding authentication protection with Supabase
• Adding a log out button
• Understanding server authentication
• Enhancing the password login
• Authenticating with magic links
• Adding password recovery
• Learning about the Site URL and redirect URLs
• Optional knowledge: adapting built-in templates
• Summary

7. Chapter 5: Crafting Multi-Tenancy through Database and App Design

• Technical requirements
• What kind of multi-tenancy do we need?
• Designing the database for multi-tenancy
• Committing your database state (if you don’t seed it, you lose it)
• Making our Next.js application tenant-aware
• Summary

8. Chapter 6: Enforcing Tenant Permissions with RLS and Handling Tenant Domains

• Technical requirements
• Learning to work with RLS
• Minimizing RLS complexity with custom claims
• Making the authentication process tenant-based
• Matching a tenant per domain instead of per path
• Summary

9. Chapter 7: Adding Tenant-Based Signups, including Google Login

• Technical requirements
• Understanding the impact of disabling signups
• Implementing the registration page
• Processing the registration with a Route Handler
• Enabling OAuth/Sign-in with Google
• Dealing with invalid user registration
• Summary

10. Part 3: Managing Tickets and Interactions

11. Chapter 8: Implementing Dynamic Ticket Management

• Technical requirements
• Creating the tickets table in the database
• Creating tickets and using triggers
• Viewing the ticket details
• Listing and filtering tickets
• Deleting tickets
• Summary

12. Chapter 9: Creating a User List with RPCs and Setting Ticket Assignees

• Technical requirements
• Adding a user list with an RPC
• Allowing the setting and editing of an assignee to a ticket
• Summary

13. Chapter 10: Enhancing Interactivity with Realtime Comments

• Technical requirements
• Creating the comments table
• Adding a trigger to set the tenant automatically
• Adding and optimizing RLS policies
• Implementing comment creation
• Listing existing comments from the server
• Implementing Realtime comments
• Embracing additional Realtime insights and learning about potential pitfalls
• Summary

14. Chapter 11: Adding, Securing, and Serving File Uploads with Supabase Storage

• Technical requirements
• Creating and understanding Storage buckets
• Enabling the addition of comments with file attachments
• Serving image attachments directly in the UI
• Writing RLS policies directly on buckets and objects table
• Diving into advanced storage restrictions
• Summary

15. Part 4: Diving Deeper into Security and Advanced Features

16. Chapter 12: Avoiding Unwanted Data Manipulation and Undisclosed Exposures

• Technical requirements
• Understanding PostgREST’s OpenAPI Schema exposure
• Being careful with current_user usage and understanding auth.role()
• Generating new Anonymous Keys, Service Role Keys, and database passwords
• Benefiting from Supabase Vault
• Utilizing silent resets to avoid data manipulation
• Enabling column-level security/working with roles
• Understanding security on views and manually created tables
• Changing the max_rows configuration
• Understanding safe-guarded API updates or deletion
• Adding middleware inside Postgres for each API request
• Using the Security Advisor
• Allowing a listing of IPs for database connections
• Enforcing SSL on direct database connections
• Summary

17. Chapter 13: Adding Supabase Superpowers and Reviewing Production Hardening Tips

• Technical requirements
• Making sense of search_path
• Familiarizing yourself with database extensions
• Adding an AI-based semantic ticket search
• Using anonymous sign-ins
• Transforming external APIs into tables with foreign data wrappers
• Using webhooks
• Understanding Edge Functions
• Using cronjobs to notify about due tickets
• Using pg_jsonschema for JSON data integrity
• Testing the database with pgTAP
• Setting the auth.storageKey to avoid migration problems
• Extending supabase.ts with custom typings
• Improving RLS and query performance
• Identifying database performance problems and bloat
• Working with complex table joins
• Reviewing the underestimated benefit of using an external database client
• Understanding migrations
• Utilizing database branching
• Disabling GraphQL or PostgREST (if you don’t need it)
• Using a dead-end built-in mailing setup
• Retrieving table data with the REST API and cURL
• Summary

18. Index

• Why subscribe?

19. Other Books You May Enjoy

• Packt is searching for authors like you
• Share Your Thoughts
• Download a free PDF copy of this book