KBVE · h0lybyte · Jan 11, 2025 · Jan 11, 2025 · Jan 11, 2025
diff --git a/apps/kbve.com/src/content/journal/01-10.mdx b/apps/kbve.com/src/content/journal/01-10.mdx
@@ -34,6 +34,11 @@ tags:
 ```
 
         This will add the library to our `pydiscordsh`.
+
+    11:00PM
+
+        There was a solid amount of progress being made this Friday!
+        However I am going to switch the notes over to the next day.
 
 ## 2024
 

diff --git a/apps/kbve.com/src/content/journal/01-11.mdx b/apps/kbve.com/src/content/journal/01-11.mdx
@@ -12,11 +12,73 @@ tags:
 
 ## Notes
 
-### 2024
+## 2025
+
+-   **Supabase**
+
+    12:06AM
+        The goal for the rest of the night is to configure the go true external auth for discord but also make sure that the callbacks work.
+        Okay, so lets look through the different areas that we need to adjust for!
+        First we need to update the `GOTRUE_JWT_ADMIN_ROLES` to include the `supabase_admin` as well.
+        All of these edits will be in `migrations/kube/charts/kilobase/supabase/values.yaml` at the start and we can work from there.        
+
+-   **JWT**
+
+    12:25AM
+
+        While working on the external supabase configuration, I also wanted to work on the JWT for the `pydiscordsh`.
+        After looking through the examples, it seems we would setup different `APIRouters`, the three main ones will be:
+
+            -   `/v1/discord/`
+            -   `/v1/admin/`
+            -   `/v1/users/`
+
+        I am also thinking we could do some other routes, maybe `/v1/tags/` and `/v1/category/` ?
+        We are not yet fully limited to these but they will make it easier for us to build around.
+
+        It would look something like this:
+
+        ```python
+
+        admin_router = APIRouter(prefix="/v1/admin", tags=["Admin"])
+
+        def verify_admin_jwt(credentials: HTTPAuthorizationCredentials = Depends(security)):
+            """
+            Dependency for protecting routes under admin access using Kilobase.
+            """
+            token = credentials.credentials
+            try:
+                kilobase.verify_admin_jwt(token)
+            except ValueError as e:
+                raise HTTPException(status_code=403, detail=str(e))
+
+        # Admin Protected Routes
+        @admin_router.get("/health-status", dependencies=[Depends(verify_admin_jwt)])
+        def admin_health_status():
+            """Check Supabase health status."""
+            return kilobase.health_status()
+
+        @admin_router.get("/users", dependencies=[Depends(verify_admin_jwt)])
+        def get_admin_users():
+            """Fetch all admin users."""
+            # Example placeholder for fetching admin users
+            return {"users": kilobase.get_user_by_id("some_user_id")}
+
+        @admin_router.post("/add-category", dependencies=[Depends(verify_admin_jwt)])
+        def admin_add_category(category: str):
+            """Add a new category."""
+            return {"message": f"Category '{category}' added successfully"}
+
+        ```
+
+        Then we can work around exactly how we want to handle some of the routes and concepts.
+
+
+## 2024
 
 -   11:30am - `Paladin`
 
-    #### Paladin
+    ### Paladin
 
         I decided to make a Paladin within the Season of Discovery!
         I am thinking of making the character a bit like ThorSoul from my DnD campaign but maybe use it as a creative tool.

diff --git a/apps/pydiscordsh/pydiscordsh/apps/kilobase.py b/apps/pydiscordsh/pydiscordsh/apps/kilobase.py
@@ -56,17 +56,24 @@ def verify_jwt(self, token: str) -> dict:
         except InvalidTokenError:
             raise ValueError("Invalid token.")
 
+    def verify_admin_jwt(self, token: str) -> dict:
+        """Verify if the JWT belongs to an admin user."""
+        decoded = self.verify_jwt(token)
+        if not decoded.get("admin"):
+            raise ValueError("Admin access required.")
+        return decoded
+
     def get_user_by_id(self, user_id: str):
         """
-        Fetch a user's data from the Supabase `users` table.
+        Fetch a user's data from the Supabase `user_profiles` table.
 
         Args:
             user_id (str): The user ID to query.
 
         Returns:
             dict: User data or None if not found.
         """
-        response = self.client.table("users").select("*").eq("id", user_id).single().execute()
+        response = self.client.table("user_profiles").select("*").eq("id", user_id).single().execute()
         return response.data if response.data else None
 
     def extract_user_id(self, token: str) -> str:
@@ -109,7 +116,7 @@ def health_status(self) -> dict:
         """
         try:
             # Attempt a simple query to check the connection health
-            response = self.client.table("users").select("id").limit(1).execute()
+            response = self.client.table("user_profiles").select("id").limit(1).execute()
 
             # Check if the response is valid
             if response.data is not None:

diff --git a/migrations/kube/charts/kilobase/supabase/values.yaml b/migrations/kube/charts/kilobase/supabase/values.yaml
@@ -156,7 +156,7 @@ auth:
         GOTRUE_URI_ALLOW_LIST: '*'
         GOTRUE_DISABLE_SIGNUP: 'false'
         GOTRUE_JWT_DEFAULT_GROUP_NAME: authenticated
-        GOTRUE_JWT_ADMIN_ROLES: service_role
+        GOTRUE_JWT_ADMIN_ROLES: 'supabase_admin,service_role'
         GOTRUE_JWT_AUD: authenticated
         GOTRUE_JWT_EXP: '3600'
         GOTRUE_EXTERNAL_EMAIL_ENABLED: 'true'
-Original file line number
+Diff line change
@@ Expand Up / @@ -34,6 +34,11 @@ tags: @@
     ```
             This will add the library to our `pydiscordsh`.
+:00PM
+            There was a solid amount of progress being made this Friday!
+            However I am going to switch the notes over to the next day.
     ## 2024
@@ Expand Down @@