This guide walks you through setting up Supabase as your backend infrastructure, including database configuration, authentication, and Row Level Security (RLS) policies.

Prerequisites

  • A Supabase account (sign up at supabase.com)
  • Supabase CLI installed (optional, for local development)
  • Basic understanding of PostgreSQL and SQL

Create a Supabase Project

1. Sign in to Supabase

Go to app.supabase.com and sign in with your account.

2. Create New Project

Click New Project and provide:
  • Project Name: transport-logistics (or your preferred name)
  • Database Password: A strong, secure password (save this securely)
  • Region: Choose the region closest to your users
  • Pricing Plan: Select Free tier for development or Pro for production

3. Wait for Provisioning

Supabase will provision your project. This typically takes 1-2 minutes. Once ready, you’ll see your project dashboard.

4. Note Your Project Credentials

In the project dashboard, navigate to Settings > API:
  • Project URL: https://xxxxx.supabase.co
  • Anon (public) Key: Your public API key
  • Service Role Key: Your private API key (keep this secret)
Never expose the Service Role Key in client-side code. Only use the Anon Key in your application.

Database Schema Setup

The Transport Logistics application uses the following main tables:
  • profiles - User profiles with role-based access
  • vehicles - Fleet vehicle information
  • shipments - Shipment tracking data
  • packages - Package details
  • materials - Material inventory
  • routes - Delivery routes
  • transporters - Transporter information
  • user_settings - User preferences

Running Migrations

You have two options for setting up your database schema:

Row Level Security (RLS) Configuration

Row Level Security ensures users can only access data they’re authorized to see. The application implements role-based access control.

Understanding RLS Policies

The application uses three main user roles:
  • Admin: Full access to all resources
  • Manager: Can view and manage assigned resources
  • User: Limited access to assigned packages and shipments

Enable RLS on Tables

1. Navigate to Table Editor

Go to Database > Tables in your Supabase dashboard.

2. Enable RLS

For each table (vehicles, shipments, packages, materials, profiles, user_settings, routes, transporters):
  1. Click on the table name
  2. Go to the Policies tab
  3. Click Enable RLS if not already enabled

3. Create Policies

Execute the RLS policy migration file (20250626084408-*.sql) which creates:
  • View policies: Control who can SELECT data
  • Insert policies: Control who can INSERT data
  • Update policies: Control who can UPDATE data
  • Delete policies: Control who can DELETE data

Key RLS Policies

  • View: All authenticated users
  • Manage: Admin users only
  • View: Admin users, package creators, or assigned users
  • Manage: Admin users and package creators
  • View: Users can view their own profile; admins can view all
  • Update: Users can update their own profile; admins can manage all
  • All Operations: Users can only access their own settings

Helper Function

The application uses a security definer function to check user roles:
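-- Returns the role stored in public.profiles for the user making the request.
-- SECURITY DEFINER: runs with the privileges of the function owner, not the caller.
-- STABLE: the result does not change within a single statement.
CREATE OR REPLACE FUNCTION public.get_current_user_role()
RETURNS TEXT AS $$
  SELECT role FROM public.profiles WHERE id = auth.uid();
$$ LANGUAGE SQL SECURITY DEFINER STABLE;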
This function is used in RLS policies to enforce role-based access control.
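
The following is an added example, not the project's migration file: it shows how the profile and settings rules listed under Key RLS Policies can be written with this helper. The stored role value 'admin', the column user_settings.user_id and the policy names are assumptions.

```sql
-- Added example. Assumed: role value 'admin', column user_settings.user_id.

-- Hardening for any SECURITY DEFINER function: pin search_path so the body
-- only resolves the schema-qualified names it already uses.
ALTER FUNCTION public.get_current_user_role() SET search_path = '';

ALTER TABLE public.profiles      ENABLE ROW LEVEL SECURITY;
ALTER TABLE public.user_settings ENABLE ROW LEVEL SECURITY;

-- View: users read their own profile; admins read all.
-- The helper is used instead of a subquery on profiles, because a policy on
-- profiles that selects from profiles directly recurses into itself.
CREATE POLICY profiles_select_own_or_admin ON public.profiles
  FOR SELECT TO authenticated
  USING (id = auth.uid() OR public.get_current_user_role() = 'admin');

-- Update: users change their own row. WITH CHECK compares the new role value
-- with the role the helper reads (the pre-update value, since the helper is
-- STABLE), so a user cannot promote themselves by editing their profile.
CREATE POLICY profiles_update_own ON public.profiles
  FOR UPDATE TO authenticated
  USING (id = auth.uid())
  WITH CHECK (id = auth.uid() AND role = public.get_current_user_role());

-- Admins manage every profile, including role changes.
CREATE POLICY profiles_admin_all ON public.profiles
  FOR ALL TO authenticated
  USING (public.get_current_user_role() = 'admin')
  WITH CHECK (public.get_current_user_role() = 'admin');

-- All operations on user_settings: own rows only.
CREATE POLICY user_settings_own ON public.user_settings
  FOR ALL TO authenticated
  USING (user_id = auth.uid())
  WITH CHECK (user_id = auth.uid());
```

Permissive policies on the same table are combined with OR, so the admin policy widens access without weakening the role check applied to ordinary users.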

Authentication Configuration

1. Enable Auth Providers

Navigate to Authentication > Providers:
  • Email: Enabled by default (recommended)
  • Magic Link: Optional, for passwordless authentication
  • OAuth Providers: Configure Google, GitHub, etc. (optional)

2. Configure Email Templates

Go to Authentication > Email Templates and customize:
  • Confirm Signup: Welcome email with verification link
  • Magic Link: Passwordless login email
  • Change Email Address: Email change confirmation
  • Reset Password: Password reset link
Update templates with your brand name and customize messaging for better user experience.

3. Set URL Configuration

Go to Authentication > URL Configuration:
  • Site URL: Your application URL (e.g., https://your-domain.com)
  • Redirect URLs: Add allowed callback URLs:
    • http://localhost:8080/** (for local development)
    • https://your-domain.com/** (for production)
    • https://preview-*.vercel.app/** (for preview deployments)

4. Configure User Management

Go to Authentication > Settings:
  • Enable Email Confirmations: Recommended for production
  • Disable Sign-ups: Enable if you want invite-only access
  • Session Duration: Configure token expiry (default: 3600 seconds)

Edge Functions (Optional)

The application includes Edge Functions for server-side operations:

Available Functions

  1. create-user: Server-side user creation with JWT verification
  2. change-user-password: Password management with authentication
  3. delete_user: User deletion with cleanup
  4. get_user_email: Retrieve user email by ID

Deploying Edge Functions

1. Navigate to Functions Directory

cd supabase/functions

2. Deploy Function

supabase functions deploy create-user
supabase functions deploy change-user-password

3. Set Secrets

If your functions require secrets:
supabase secrets set API_KEY=your-secret-key

4. Test Function

supabase functions invoke create-user --data '{"email":"user@example.com"}'

Getting API Keys

1. Navigate to API Settings

Go to Settings > API in your Supabase dashboard.

2. Copy Keys

You’ll need two keys for your application:

For Client-Side (Application):
VITE_SUPABASE_URL=https://xxxxx.supabase.co
VITE_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
For Server-Side/Admin Operations (keep secret):
SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

3. Configure Environment

Add these to your environment:
  • Local development: Create .env.local file
  • Production: Add to your deployment platform’s environment variables
Never commit .env files with real credentials to version control. Use .env.example with placeholder values.

Connecting to Production Database

For direct database access (migrations, backups, etc.):

1. Get Connection String

Navigate to Settings > Database and copy the connection string:
postgresql://postgres:[YOUR-PASSWORD]@db.xxxxx.supabase.co:5432/postgres

2. Connect with psql

psql "postgresql://postgres:[YOUR-PASSWORD]@db.xxxxx.supabase.co:5432/postgres"

3. Or Use Database URL in Tools

Use the connection string with tools like:
  • pgAdmin
  • DBeaver
  • DataGrip
  • TablePlus

Database Backups

Supabase automatically backs up your database:
  • Free Tier: Daily backups, 7-day retention
  • Pro Tier: Daily backups, 30-day retention, point-in-time recovery

Manual Backup

1. Using Supabase CLI

supabase db dump -f backup.sql

2. Using pg_dump

pg_dump "postgresql://postgres:[PASSWORD]@db.xxxxx.supabase.co:5432/postgres" > backup.sql

3. Restore from Backup

psql "postgresql://postgres:[PASSWORD]@db.xxxxx.supabase.co:5432/postgres" < backup.sql

Security Best Practices

Use RLS Policies

Always enable Row Level Security on all tables. Never disable RLS in production.

Rotate Keys Regularly

Regenerate API keys periodically and after any suspected security breach.

Monitor Logs

Review authentication logs and API usage regularly in the Supabase dashboard.

Limit Permissions

Grant minimum required permissions. Use service role key only server-side.

Monitoring and Performance

Enable Monitoring

1. View Database Usage

Navigate to Settings > Usage to monitor:
  • Database size
  • API requests
  • Bandwidth usage
  • Authentication users

2. Check Database Performance

Go to Database > Performance to:
  • Identify slow queries
  • View index usage
  • Monitor connection pool

3. Set Up Alerts

Configure alerts for:
  • Database size approaching limit
  • High error rates
  • Slow query performance

Optimize Performance

  • Add Indexes: Create indexes on frequently queried columns
  • Use Connection Pooling: Enable Supavisor for connection management
  • Optimize Queries: Use the SQL Editor to analyze and optimize slow queries
  • Enable Caching: Use Supabase’s built-in caching for read-heavy operations

Troubleshooting

Connection Errors

  • Verify API keys are correct and not expired
  • Check if IP is allowed (Supabase allows all IPs by default)
  • Ensure network/firewall isn’t blocking requests

RLS Policy Errors

  • Check user has correct role in profiles table
  • Verify RLS policies are created and enabled
  • Test policies using the SQL Editor with different user contexts
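
One way to carry out the last two checks, as an added example that is not part of the project's own scripts. The UUID is a placeholder to replace with an id from public.profiles; the table and function names come from this guide.

```sql
-- Added example; the UUID below is a placeholder.

-- 1. Is RLS on, and does each table have policies? rls_enabled = false, or
--    true with policy_count = 0 (which blocks everyone), both need attention.
SELECT c.relname           AS table_name,
       c.relrowsecurity    AS rls_enabled,
       count(p.policyname) AS policy_count
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
LEFT JOIN pg_policies p
       ON p.schemaname = n.nspname AND p.tablename = c.relname
WHERE n.nspname = 'public' AND c.relkind = 'r'
GROUP BY c.relname, c.relrowsecurity
ORDER BY c.relname;

-- 2. Re-run queries as a specific signed-in user. The role and the
--    request.jwt.claims setting mirror what the API sets for each request;
--    auth.uid() reads the 'sub' claim.
BEGIN;
SELECT set_config('request.jwt.claims',
                  '{"sub":"00000000-0000-0000-0000-000000000001","role":"authenticated"}',
                  true);  -- true: the setting is local to this transaction
SET LOCAL ROLE authenticated;

SELECT public.get_current_user_role();       -- role the policies will see
SELECT id, role FROM public.profiles;        -- non-admin: expect one row
SELECT count(*) AS visible_packages FROM public.packages;

-- 3. Same check with no signed-in user.
RESET ROLE;
SELECT set_config('request.jwt.claims', '{"role":"anon"}', true);
SET LOCAL ROLE anon;
SELECT count(*) AS profiles_visible_to_anon FROM public.profiles;  -- expect 0
ROLLBACK;
```

Running the script through psql prints every result set, and the ROLLBACK leaves the session role and settings as they were.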

Migration Failures

  • Run migrations in order (check timestamps in filenames)
  • Verify no conflicting table/column names
  • Check PostgreSQL logs in Supabase dashboard

Authentication Issues

  • Verify redirect URLs are configured correctly
  • Check email templates are set up
  • Ensure SMTP settings are correct (if using custom email)

Next Steps

Deployment Guide

Deploy your application to production

Database Schema

Explore the database tables and relationships
