Supabase Auth Client
Component Detail
Description
Infrastructure wrapper around the Supabase Flutter SDK's auth module. Provides an injectable singleton client used across all authentication-related services, initialized with project URL and anon key from environment configuration.
supabase-auth-client
Summaries
The Supabase Auth Client is the foundational infrastructure component that connects the application to its identity and access management backend. By centralising authentication around Supabase, the business avoids the significant cost and risk of building and maintaining a proprietary auth system, which would require dedicated security expertise, ongoing compliance work, and incident response capacity. Supabase provides enterprise-grade security features including JWT-based sessions, OAuth provider support, and audit logging out of the box. As a shared singleton reused across all authentication surfaces in the application, this component ensures a consistent and auditable security posture across the entire product, directly reducing the risk of credential-related security incidents.
The Supabase Auth Client is a low-complexity infrastructure wrapper with no internal dependencies, making it the correct first component to implement and the foundation on which all other authentication components depend. It must be delivered and signed off before the Authentication Repository, auth use cases, or any feature requiring user identity can begin integration testing. Setup requires provisioning a Supabase project, configuring the project URL and anon key in environment configuration, and validating the initialisation flow in both debug and release build profiles. Testing scope includes initialisation success and failure paths, client singleton integrity across the app lifecycle, and auth state listener subscription and cleanup.
The main delivery risk is environment configuration management across dev, staging, and production — a secrets management strategy should be agreed before this component is merged.
The Supabase Auth Client is an injectable singleton that wraps the supabase_flutter SDK, exposing two typed accessors: the raw SupabaseClient for database and storage operations, and the GoTrueClient (via .auth) for all identity operations including sign-in, sign-up, token refresh, and auth state streaming. Initialisation is asynchronous and must complete before any dependent service is constructed — this should be enforced at the DI container level using an async factory or initialisation guard. The dispose() method tears down active auth state listeners and should be called only on full application teardown. Environment credentials (project URL, anon key) must be injected from build-time configuration rather than hardcoded.
Downstream consumers such as the Authentication Repository should depend on this client via interface abstraction to allow test doubles to be substituted during unit testing without requiring a live Supabase instance.
Responsibilities
- Initialize and configure Supabase client with environment credentials
- Expose the GoTrueClient for auth operations
- Manage auth state listeners and subscriptions
Interfaces
initialize(String url, String anonKey) Future<void>
get client SupabaseClient
get auth GoTrueClient
dispose()
Relationships
Dependents (2)
Components that depend on this component