Advice on realtime integration

Hello All! I'm working on a very important app for myself and a select large group of people, to simply explain it is a very sophisticated note taking/sharing app. I'm currently making it with Expo/React Native in Typescript(of course), and my initial thought for the database was Supabase which I am self hosting on my local server. Part of my requirements is that there is an aspect of realtime communication in sending messages/notes to others. My first thought for this was just Supabase for the Auth, Database and Realtime all in one. What I am trying to ask it should I just use Supabase and call it a day or switch to a setup like Auth0(I want my app to be very secure as it will contain sensitive information), combined with regular self hosted Postgresql and Drizzle ORM. I'm also looking for how should I setup the realtime side of the equation with my above suggested setup as I haven't manually done realtime before except for one chat site i made with socketio(which was in rust).
31 Replies
Jacob
Jacob7mo ago
Supabase seems like one of the best options for what you are requiring and would reduce the amount of setup and overhead. Supabase is used by quite a few large applications that store sensitive information such as https://midday.ai/ which users it to store finance information. Supabase's Realtime is really good for such a plug and play experience and to store values in your database. If you are worried about your sensitive information and querying user data that you want secure have a look at their documentation on managing users: https://supabase.com/docs/guides/auth/managing-user-data Then you can still store sensitive data in the users table and it be ok and query the other data separately. another option is to hash the data and store it in the db.
Midday provides you with greater insight into your business and automates the boring tasks, allowing you to focus on what you love to do instead.
Midday | Run your business smarter
This is my portfolio.
Jasper
JasperOP7mo ago
This is great thank you very much!
Jacob
Jacob7mo ago
That’s okay glad I was able to help, read a lot of supabase’s documentation. If you are ever wondering on this feel free to ask, suoabase has amazing documentation, examples and YouTube videos explaining things along with building it out. Docs: https://supabase.com/docs YouTube channel: https://youtube.com/@supabase?si=4trmnodEPcz61pdL
Supabase Docs
Supabase is an open source Firebase alternative providing all the backend features you need to build a product.
YouTube
Supabase
Supabase is the best open source Firebase alternative. Create a backend in less than 2 minutes. Start your project with a Postgres Database, Authentication, instant APIs, & realtime subscriptions. Whether you're new to development or looking to migrate existing workloads, you'll find Supabase tutorials & tips that will make your app developmen...
Juraj98
Juraj987mo ago
Hey Jasper, I'm also working on what is in essence realtime note taking app, and I went with Supabase. As Jacob said, Supabase's realtime is really easy to use, plus it's relatively cheap once you get past free tier. In my case, I'm still using Drizzle to access Supabase's DB from next functions, mostly because I don't want to deal with RLS. Also, I decided to switch to Supabase after few months of building the project, and my auth is in Clerk. (Although I'm considering switching to Supabase Auth in the future) One think to consider is realtime collaboration of text editing (cursors for multiple users in one textarea). I went with TipTap as my rich text editor solution, and TipTap already supports collaboration. While the API is written so that you could technically add your own provider for realtime communication, the docs are not great. Their recommended solution is to use HocusPocus server and after spending few days investigating my options, I did eventually go with simple HocusPocus server only for collaboration, deployed to railway. There are few tradeoffs here, but for the sake of speed, I don't mind for now. Technically I think I could have HocusPocus and Next running on the same server, but deploying two apps seemed easier and hopefully will be more clear if one starts running out of resources. Also as I mentioned previously, there should be way to connect TipTap through Supabase realtime, though for now I don't think its worth the effort.
Jasper
JasperOP7mo ago
Quick question how do you integrate a different auth client when your using supabase?
Juraj98
Juraj987mo ago
Depends on which auth client. I'm using Clerk, and I just put the user ids into rows, without having users table. It is the best solution? Probably no. But, so far it works.
Jasper
JasperOP7mo ago
I see, what is your thoughts on Clerk? I have been looking at https://auth0.com/pricing (Essentials) because I'm wanting something fast and secure
Juraj98
Juraj987mo ago
So far, I really like Clerk. It's super easy to integrate and docs are great. I've been also looking at Supabase Auth, since it's where I have my DB, but so far I haven't had reason to switch. Why auth0?
Jasper
JasperOP7mo ago
Why auth0?
It just seems to me like the most secure and professional option, maybe I'm just getting over my head and all i really need is something like Supabase Auth or Clerk lol
Juraj98
Juraj987mo ago
😶 Go with Clerk 😂
Jasper
JasperOP7mo ago
Only thing im seeing is 1 not self hosted combined with the crack pricing for the features i could get for free with Auth0 XD
Juraj98
Juraj987mo ago
You can self host Auth0? I missed that. But also, why would you want to do that? Also, what features you could get for free?
Jasper
JasperOP7mo ago
No you can't self host auth0 sry lol I just thought clerk was self hosted lol
Jasper
JasperOP7mo ago
No description
Juraj98
Juraj987mo ago
I believe clerk has all of this. And possibly more. At least, Clerk has Magic Link authentication and Separate prod/dev environments, which is locked behind $35 on Auth0.
Jasper
JasperOP7mo ago
Hm i see I might be like somewhat biased because I made a ticket on Auth0 to ask a question about something and got a phone call like a week later and the person on the other end spelled out like everything to me XD It was a very good experience to say the least I'll definatley take a look at clerk because I found when self hosting Supabase the time it takes to authenticate properly is not good enough for what I need and that is just the limitation of my internet
Juraj98
Juraj987mo ago
What do you mean, self hosting Supabase? Can you even do that?
Jasper
JasperOP7mo ago
Supabase
Self-Hosting | Supabase Docs
Host Supabase on your own infrastructure.
Juraj98
Juraj987mo ago
Okay, TIL you can self host supabase 😂 But that begs the question.. Why would you want to self host it?
Jasper
JasperOP7mo ago
I need to self host because the data needs to be heavily encrypted and stored on premises where i can encrypt the whole machine drive Security measures lol Using a provider is no guaruntee of data safety sadly
Juraj98
Juraj987mo ago
Are you sure your security measures will be better than company's that specializes in auth? 🫣
Jasper
JasperOP7mo ago
Yeah so here is my point, it doesn't matter who provides the Auth (it does but yk), it just matters that the database is secure and on-premises So really i could use any Auth, i've just been using Supabase so far to keep everything free and consistent
Juraj98
Juraj987mo ago
Can you share what are you specifically working on, or is it more of a "If I told you, I'd have to kill you" type of situation? 😄
Jasper
JasperOP7mo ago
Sort of i guess haha, Basically its a app very specifically designed for a organisation I won't mention that assists in organizing, sharing and storing sensitive information to improve accessibility and readability. And since the information is as sensitive as it is, it requires having all data on site. But since I want the app to be smooth to use and my server isn't exactly AWS I would probably prefer a quality auth provider And yeah to clarify the Auth is only for users of the app, so they can access their content (which is called from supabase based on auth status and user id) We'll i think based on all of this I'll probably stick with Supabase for Realtime Maybe use Drizzle but I am fine just opening the supabase studio most of the time lol
Jasper
JasperOP7mo ago
i mean if theo reccomends it, it must be good XD
No description
Juraj98
Juraj987mo ago
I don't believe Clerk has self-hosted option.
Jasper
JasperOP7mo ago
Yeah seems so, does it work in React Native though? Oh nevermihnd It works in Expo
Jasper
JasperOP7mo ago
Quickstarts: Use Clerk with Expo
Learn how to use Clerk to quickly and easily add secure authentication and user management to your Expo application.
Jacob
Jacob7mo ago
Know i am bit late with this but supabase has integrations (Supabase Intergrations) for quite a few different applications, including auth applications such as Auth0, Clerk, NextAuth and a few more - https://supabase.com/partners/integrations/clerk - https://supabase.com/partners/integrations/auth0 - https://supabase.com/partners/integrations/nextauth
Supabase
Clerk | Works With Supabase
Authentication for Next.js, React, and the Modern Web.
Supabase
Auth0 | Works With Supabase
Rapidly integrate authentication and authorization for web, mobile, and legacy applications so you can focus on your core business.
Supabase
NextAuth | Works With Supabase
Open Source Authentication for Next.js
Jasper
JasperOP7mo ago
Ah this looks really good, thanks for that!
Jacob
Jacob7mo ago
All good
Want results from more Discord servers?
Add your server