Merge pull request #232 from coleam00/fix/supabase-key-validation-and-state-consolidation

Fix Supabase key validation and consolidate frontend state management
2025-12-24 02:39:17 -05:00 · 2025-08-18 21:19:27 +03:00
parent 868ebe1f78 120eae09b2
commit 667cae2846
19 changed files with 854 additions and 317 deletions
--- a/.env.example
+++ b/.env.example
@@ -5,9 +5,22 @@
 # https://supabase.com/dashboard/project/<your project ID>/settings/api
 SUPABASE_URL=

-# Get your SUPABASE_SERVICE_KEY from the API Keys section of your Supabase project settings -
-# https://supabase.com/dashboard/project/<your project ID>/settings/api-keys
-# On this page it is called the service_role secret.
+# ⚠️ CRITICAL: You MUST use the SERVICE ROLE key, NOT the Anon key! ⚠️
+# 
+# COMMON MISTAKE: Using the anon (public) key will cause ALL saves to fail with "permission denied"!
+#
+# How to get the CORRECT key:
+# 1. Go to: https://supabase.com/dashboard/project/<your project ID>/settings/api
+# 2. In the Settings menu, click on "API keys" 
+# 3. Find "Project API keys" section
+# 4. You will see TWO keys - choose carefully:
+#    ❌ anon (public): WRONG - This is shorter, starts with "eyJhbGc..." and contains "anon" in the JWT
+#    ✅ service_role (secret): CORRECT - This is longer and contains "service_role" in the JWT
+#
+# The service_role key is typically much longer than the anon key.
+# If you see errors like "Failed to save" or "Permission denied", you're using the wrong key!
+#
+# On the Supabase dashboard, it's labeled as "service_role" under "Project API keys"
 SUPABASE_SERVICE_KEY=

 # Optional: Set log level for debugging