/plushcap/analysis/supabase/supabase-realtime-row-level-security-in-postgresql

Realtime Postgres RLS now available on Supabase

What's this blog post about?

Realtime, a server that listens to changes in your PostgreSQL database and broadcasts them to clients through websocket connections, has received security improvements. Database changes will now be broadcasted only to authenticated users, respecting the same PostgreSQL policies used for Row Level Security (RLS). This update is significant as it addresses a key concern of developers who rely on Realtime for receiving and sending database changes in their apps and services. The implementation leverages WALRUS (Write Ahead Log Realtime Unified Security), which exposes a PostgreSQL function that the Realtime server invokes with database changes, ensuring efficient querying to check access and maximizing throughput performance.

Company
Supabase

Date published
Dec. 1, 2021

Author(s)
Oliver Rice

Word count
1098

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.