Upgrade guide
supabase-js v2 focuses on "quality-of-life" improvements for developers and addresses some of the largest pain points in v1. v2 includes type support, a rebuilt Auth library with async methods, improved errors, and more.
No new features will be added to supabase-js v1 , but we'll continuing merging security fixes to v1, with maintenance patches for the next 3 months.
Upgrade the client library
Install the latest version
_10npm install @supabase/supabase-js@2
Optionally if you are using custom configuration with createClient then follow below:
Read more about the constructor options.
Auth methods
The signIn() method has been deprecated in favor of more explicit method signatures to help with type hinting. Previously it was difficult for developers to know what they were missing (e.g., a lot of developers didn't realize they could use passwordless magic links).
Sign in with email and password
_10const { user, error } = await supabase_10 .auth_10 .signIn({ email, password })
Sign in with magic link
_10const { error } = await supabase_10 .auth_10 .signIn({ email })
Sign in with a third-party provider
_10const { error } = await supabase_10 .auth_10 .signIn({ provider })
Sign in with phone
_10const { error } = await supabase_10 .auth_10 .signIn({ phone, password })
Sign in with phone using OTP
_10const { error } = await supabase_10 .auth_10 .api_10 .sendMobileOTP(phone)
Reset password for email
_10const { data, error } = await supabase_10 .auth_10 .api_10 .resetPasswordForEmail(email)
Get the user's current session
Note that auth.getSession reads the auth token and the unencoded session data from the local storage medium. It doesn't send a request back to the Supabase Auth server unless the local session is expired.
You should never trust the unencoded session data if you're writing server code, since it could be tampered with by the sender. If you need verified, trustworthy user data, call auth.getUser instead, which always makes a request to the Auth server to fetch trusted data.
_10const session = supabase.auth.session()
Get the logged-in user
_10const user = supabase.auth.user()
Update user data for a logged-in user
_10const { user, error } = await supabase_10 .auth_10 .update({ attributes })
Use a custom access_token JWT with Supabase
_10const { user, error } = supabase.auth.setAuth(access_token)
Cookie methods
The cookie-related methods like setAuthCookie and getUserByCookie have been removed.
For Next.js you can use the Auth Helpers to help you manage cookies. If you can't use the Auth Helpers, you can use server-side rendering.
Some the PR for additional background information.
Data methods
.insert() / .upsert() / .update() / .delete() don't return rows by default: PR.
Previously, these methods return inserted/updated/deleted rows by default (which caused some confusion), and you can opt to not return it by specifying returning: 'minimal'. Now the default behavior is to not return rows. To return inserted/updated/deleted rows, add a .select() call at the end.
Insert and return data
_10const { data, error } = await supabase_10 .from('my_table')_10 .insert({ new_data })
Update and return data
_10const { data, error } = await supabase_10 .from('my_table')_10 .update({ new_data })_10 .eq('id', id)
Upsert and return data
_10const { data, error } = await supabase_10 .from('my_table')_10 .upsert({ new_data })
Delete and return data
_10const { data, error } = await supabase_10 .from('my_table')_10 .delete()_10 .eq('id', id)
Realtime methods
Subscribe
_10const userListener = supabase_10 .from('users')_10 .on('*', (payload) => handleAllEventsPayload(payload.new))_10 .subscribe()
Unsubscribe
_10userListener.unsubscribe()