Authentication API
Client-Side Auth
API Token Verification

Authentication API

Authentication is handled by Supabase Auth directly — not through custom API endpoints.

Client-Side Auth

Use the Supabase client SDK in apps/web:

import { createClient } from "@/lib/supabase/client";

// Login
const supabase = createClient();
const { data, error } = await supabase.auth.signInWithPassword({
  email: "[email protected]",
  password: "password",
});

// Signup
const { data, error } = await supabase.auth.signUp({
  email: "[email protected]",
  password: "password",
  options: {
    data: { full_name: "John Doe" },
  },
});

API Token Verification

The NestJS API verifies tokens via the SupabaseGuard:

@UseGuards(SupabaseGuard)
@Get("protected")
getProtected(@Req() req) {
  const user = req.user; // Verified Supabase user
  return { userId: user.id };
}

⌘I