MastraAuthSupabase 类
🌐 MastraAuthSupabase Class
MastraAuthSupabase 类使用 Supabase Auth 为 Mastra 提供身份验证。它通过 Supabase 的身份验证系统验证传入请求,并使用 auth 选项与 Mastra 服务器集成。
🌐 The MastraAuthSupabase class provides authentication for Mastra using Supabase Auth. It verifies incoming requests using Supabase's authentication system and integrates with the Mastra server using the auth option.
先决条件Direct link to 先决条件
🌐 Prerequisites
此示例使用 Supabase 身份验证。请确保将你的 Supabase 凭证添加到 .env 文件中,并确保你的 Supabase 项目已正确配置。
🌐 This example uses Supabase Auth. Make sure to add your Supabase credentials to your .env file and ensure your Supabase project is properly configured.
SUPABASE_URL=https://your-project.supabase.co
SUPABASE_ANON_KEY=your-anon-key
检查你的 Supabase 行级安全性 (RLS) 设置,以确保数据访问控制正确。
🌐 Review your Supabase Row Level Security (RLS) settings to ensure proper data access controls.
安装Direct link to 安装
🌐 Installation
在使用 MastraAuthSupabase 类之前,你必须先安装 @mastra/auth-supabase 包。
🌐 Before you can use the MastraAuthSupabase class you have to install the @mastra/auth-supabase package.
npm install @mastra/auth-supabase@latest
使用示例Direct link to 使用示例
🌐 Usage example
import { Mastra } from "@mastra/core";
import { MastraAuthSupabase } from "@mastra/auth-supabase";
export const mastra = new Mastra({
server: {
auth: new MastraAuthSupabase({
url: process.env.SUPABASE_URL,
anonKey: process.env.SUPABASE_ANON_KEY,
}),
},
});
默认的 authorizeUser 方法会检查 public 模式下 users 表中的 isAdmin 列。要自定义用户授权,请在构建提供程序时提供自定义的 authorizeUser 函数。
🌐 The default authorizeUser method checks the isAdmin column in the users table in the public schema. To customize user authorization, provide a custom authorizeUser function when constructing the provider.
访问 MastraAuthSupabase 查看所有可用的配置选项。
🌐 Visit MastraAuthSupabase for all available configuration options.
客户端设置Direct link to 客户端设置
🌐 Client-side setup
使用 Supabase 身份验证时,你需要在客户端从 Supabase 获取访问令牌,并将其传递给你的 Mastra 请求。
🌐 When using Supabase auth, you'll need to retrieve the access token from Supabase on the client side and pass it to your Mastra requests.
正在获取访问令牌Direct link to 正在获取访问令牌
🌐 Retrieving the access token
使用 Supabase 客户端对用户进行身份验证并获取他们的访问令牌:
🌐 Use the Supabase client to authenticate users and retrieve their access token:
import { createClient } from "@supabase/supabase-js";
const supabase = createClient("<supabase-url>", "<supabase-key>");
const authTokenResponse = await supabase.auth.signInWithPassword({
email: "<user's email>",
password: "<user's password>",
});
const accessToken = authTokenResponse.data?.session?.access_token;
有关其他身份验证方法,如 OAuth、魔法链接等,请参阅 Supabase 文档。
🌐 Refer to the Supabase documentation for other authentication methods like OAuth, magic links, and more.
配置 MastraClientDirect link to configuring-mastraclient
🌐 Configuring MastraClient
当启用 auth 时,所有使用 MastraClient 发出的请求必须在 Authorization 请求头中包含有效的 Supabase 访问令牌:
🌐 When auth is enabled, all requests made with MastraClient must include a valid Supabase access token in the Authorization header:
import { MastraClient } from "@mastra/client-js";
export const mastraClient = new MastraClient({
baseUrl: "https://<mastra-api-url>",
headers: {
Authorization: `Bearer ${accessToken}`,
},
});
访问令牌在 Authorization 头中必须以 Bearer 为前缀。
🌐 The access token must be prefixed with Bearer in the Authorization header.
访问 Mastra Client SDK 以获取更多配置选项。
🌐 Visit Mastra Client SDK for more configuration options.
进行身份验证的请求Direct link to 进行身份验证的请求
🌐 Making authenticated requests
一旦使用 Supabase 访问令牌配置了 MastraClient,你就可以发送经过身份验证的请求:
🌐 Once MastraClient is configured with the Supabase access token, you can send authenticated requests:
- React
- cURL
import { mastraClient } from "../../lib/mastra-client";
export const TestAgent = () => {
async function handleClick() {
const agent = mastraClient.getAgent("weatherAgent");
const response = await agent.generate("What's the weather like in New York");
console.log(response);
}
return <button onClick={handleClick}>Test Agent</button>;
};
curl -X POST http://localhost:4111/api/agents/weatherAgent/generate \
-H "Content-Type: application/json" \
-H "Authorization: Bearer <your-supabase-access-token>" \
-d '{
"messages": "Weather in London"
}'