Thanks for taking a look. Good question. When we first wrote the code, the Supabase Python API didn't have a redirect param so a bit of JavaScript was required to parse info out of #local_params -- so maybe we only used cookies to 'share' that info back to the server. But with their current API, maybe there's no longer any benefit. I'll check with one of the contractors who worked on it.
There's also this bit from Supabase for their Flask version (which didn't exist as an example when we started): "Here we're getting the code query parameter from the request object, if this is available we then exchange the code for a session so that the user will be signed in. Under the hood the supabase python library will handle storing this session (JWT) into a cookie and sign the user in." I've mostly treated Pyramid sessions & JWT & cookies as black boxes without having to fully understand the tradeoffs ... which is why I'm looking for community feedback! :-) Scott On Tuesday, November 28, 2023 at 4:47:54 AM UTC-5 tonthon wrote: > I haven't red all the code, but is there a reason you store the > access/refresh tokens in a cookie instead of inside the session ? > > > https://github.com/MakeDeeply/pyramid_supabase_auth_dev/blob/main/pyramid_supabase_auth/auth.py#L59C17-L60C76 > > > Le 27/11/2023 à 20:52, Scott Lawton a écrit : > > I've used Pyramid for various small projects over the years. Thanks much > to the devs and community for such a great framework. > > For a future project, would like to support login via Google, Github, etc. > Supabase (a Postgres-based platform) looks like a solid approach -- but I'm > not sure the best way to integrate with Pyramid. > > Here's our attempt via a simple example app: > https://github.com/MakeDeeply/pyramid_supabase_auth_dev ... MIT License > so open to all. > > Would be great to get some feedback from the Pyramid community. (Also from > Supabase folks; I reached out to them elsewhere.) > > Cheers, > > Scott > X/Twitter: @MakeDeeply > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to pylons-discus...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/pylons-discuss/d0cdd7e7-93cf-436c-8a36-894f48c7b8c2n%40googlegroups.com > > <https://groups.google.com/d/msgid/pylons-discuss/d0cdd7e7-93cf-436c-8a36-894f48c7b8c2n%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > > -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discuss+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/2b6f4303-8609-4a31-a0eb-9709b3504911n%40googlegroups.com.