You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is quite a hastle compared to the otherwise extremely well-done auth developer experience.
In addition, this is probably unsafe because it is unclear to me if cascade etc. is setup properly on other tables in the auth schema that reference the users table.
Potential Solution
I believe that there should also be a deleteUser() function within the auth namespace. This function should trigger a confirmation email to be sent to the email address, just like during signup-verification or password reset.
Question
According to my understanding, this should not pose additional security risk compared to a password reset as users would only be able to delete their own user. What do you think?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Supabase
-
Problem
Currently, deleting users from the application is only possible
This is quite a hastle compared to the otherwise extremely well-done auth developer experience.
In addition, this is probably unsafe because it is unclear to me if cascade etc. is setup properly on other tables in the auth schema that reference the users table.
Potential Solution
I believe that there should also be a deleteUser() function within the auth namespace. This function should trigger a confirmation email to be sent to the email address, just like during signup-verification or password reset.
Question
According to my understanding, this should not pose additional security risk compared to a password reset as users would only be able to delete their own user. What do you think?
5 votes ·
Beta Was this translation helpful? Give feedback.
All reactions