Skip to content

README.md

Latest commit

 

History

History
62 lines (47 loc) · 1.83 KB

README.md

File metadata and controls

62 lines (47 loc) · 1.83 KB

Supabase Configuration

This directory contains configuration files for Supabase integration.

SupabaseConfig.swift

This file contains your Supabase project credentials:

  • URL: Your Supabase project URL
  • Anon Key: Your anonymous/public API key

Security Notes

Anon Key (Public Key) ✅

  • Safe to include in client apps (iOS, web, etc.)
  • Respects Row Level Security (RLS) policies
  • Limited permissions based on your database policies
  • This is the key you should use in your iOS app

Service Role Key ⚠️ CRITICAL SECURITY WARNING

  • NEVER use in client-side code (iOS app, web frontend, etc.)
  • Bypasses all Row Level Security (RLS) policies
  • Has full database access - can read, write, delete anything
  • Only use in:
    • Server-side code (Node.js, Python, Go, etc.)
    • Supabase Edge Functions
    • Backend services/APIs
    • Admin scripts
    • Never commit to public repositories

Best Practices

  • ✅ Use anonKey in your iOS app
  • ✅ Set up proper RLS policies in Supabase
  • ✅ Use serviceRoleKey only in secure server environments
  • ✅ Never expose service role key in client code
  • ✅ Rotate keys if accidentally exposed

Usage

import Foundation

// Access Supabase configuration
let supabaseURL = SupabaseConfig.url
let supabaseKey = SupabaseConfig.anonKey

// Example: Initialize Supabase client
// let supabase = SupabaseClient(supabaseURL: supabaseURL, supabaseKey: supabaseKey)

Environment Variables (Alternative)

If you prefer using environment variables (for development):

  1. Create a .env file in the project root
  2. Add your credentials: 
    SUPABASE_URL=https://your-project.supabase.co
SUPABASE_ANON_KEY=your_anon_key_here
  3. Use a package like SwiftDotEnv to load them at runtime

Note: .env files are automatically ignored by git (see .gitignore)