RLS policy requires service key instead of anon key

derjogi · derjogi · commit 8edaf21d5a20 · 2025-04-01T16:05:46.000+13:00
diff --git a/app/core/config.py b/app/core/config.py
@@ -26,7 +26,9 @@ class Settings(BaseSettings):
     
     # Supabase postgres db settings
     DATABASE_URL: str
-    DATABASE_KEY: str
+    DATABASE_KEY: str = ""
+    DATABASE_ANON_KEY: str = ""
+    DATABASE_SERVICE_ROLE_KEY: str = ""
     
     OPERATION_COSTS: Dict[str, OperationCost] = {
         "basic_analysis": {
diff --git a/app/core/db.py b/app/core/db.py
@@ -1,7 +1,9 @@
 from supabase import create_client, Client
 from .config import settings
 
+print("Creating Supabase client with url ", settings.DATABASE_URL)
+
 db: Client = create_client(
   settings.DATABASE_URL, 
-  settings.DATABASE_KEY
+  settings.DATABASE_SERVICE_ROLE_KEY
 )
diff --git a/app/core/security.py b/app/core/security.py
@@ -180,7 +180,7 @@ async def verify_token(request: Request, credentials: Optional[HTTPAuthorization
         print("getting credits for user:", user_id)
         credits = db.table('credits').select('*').eq('user_id', user_id).maybe_single().execute()
         print("Credits:", credits)
-        if not credits.data:            
+        if not credits or not credits.data:
           print(f"No credits yet for {user_id if credentials else 'anonymous user'}. Creating...")
           if is_guest: # if the guest is not in the credits table, create it with the max credit amount
             init_guest_data = {
