Description
This plugin integrates Supabase Authentication into your WordPress site, providing a secure, scalable, and modern membership system.
It allows you to completely separate “Site Administrators” (who use WordPress native auth) from “General Users” (who use Supabase auth).
This ensures your wp-admin remains secure while offering a seamless login experience for your customers.
Full Setup Guide
We have prepared a comprehensive guide to help you through the process, including Google Cloud Platform configuration and Supabase settings:
https://edel-hearts.com/edel-auth-for-supabase-guide/?display_lang=en
Key Features
- Supabase Authentication: Support for Email/Password, Magic Links (Passwordless), and Social Login (Google).
- Auto Synchronization: Users created in Supabase are automatically synced to WordPress as subscribers upon login.
- Logout Synchronization: Logging out of WordPress automatically triggers a sign-out from Supabase to ensure session consistency.
- User Deletion Sync: Deleting a user in WordPress automatically removes the corresponding user from Supabase (Requires Service Role Key).
- Secure Admin Separation: Administrators are blocked from logging in via the frontend forms to prevent privilege escalation attacks.
- Smart Password Reset: Automatically detects if a user registered via Google and guides them to use the “Log in with Google” button instead of sending a reset email.
- Welcome Emails: Sends customizable “Welcome” emails directly from WordPress upon successful registration. Custom Sender Name and Email are supported.
- Keep Alive (Maintenance): Automatically accesses Supabase once a day to prevent free projects from pausing due to inactivity.
- Developer Friendly: Includes hooks for customizing user roles and syncing additional metadata.
Why use this plugin?
Unlike other plugins that sync the entire database, Edel Auth for Supabase authenticates users via the Supabase API on the frontend and only creates a WordPress user session when necessary.
This keeps your WordPress database clean and your site fast.
For Developers
You can customize the plugin behavior using the following hooks in your theme’s functions.php:
-
Filter Hook: eafs_user_role
This filter allows you to dynamically change the WordPress user role based on the Supabase provider (e.g., assigning a ‘contributor’ role to users who log in via Google). -
Action Hook: eafs_after_user_sync
This action triggers after a user is successfully synced from Supabase to WordPress. It is ideal for updating additional user metadata, such as syncing the display name or recording the last login timestamp.
Shortcodes
[eafs_login]– Displays the login form.[eafs_register]– Displays the registration form.[eafs_forgot_password]– Displays the password reset request form.[eafs_update_password]– Displays the new password entry form (for the reset flow).[eafs_logout]– Displays a logout button (only visible to logged-in users).
Installation
- Upload the plugin files to the
/wp-content/plugins/edel-auth-for-supabasedirectory, or install the plugin through the WordPress plugins screen directly. - Activate the plugin through the ‘Plugins’ screen in WordPress.
- Go to Settings > Edel Auth (Supabase).
- For a step-by-step walkthrough of the API and Google Login setup, refer to our official guide:
https://edel-hearts.com/edel-auth-for-supabase-guide/?display_lang=en
Supabase Setup (Required)
- Log in to your Supabase Dashboard.
- Go to Project Settings > API.
- Copy the Project URL, anon public key, and service_role secret.
- Paste these credentials into the plugin settings page in WordPress.
* Note: The service_role key is stored securely and used for administrative tasks like checking Google users, syncing user deletions, or the “Keep Alive” feature.
Email Setup (Optional)
You can configure the plugin to send a “Welcome Email” from WordPress upon new user registration.
Go to Settings > Edel Auth (Supabase) and configure the Welcome Email Settings section.
You can specify the Sender Name, Sender Email, Subject, and Body content.
Maintenance Settings (Optional)
If you are using Supabase’s Free Plan, projects may be paused after 7 days of inactivity.
Enable “Keep Alive” in the settings to have WordPress automatically access your Supabase project once a day, preventing it from pausing.
FAQ
-
How do I remove the “Powered by Supabase” text from Supabase emails?
-
This text is automatically added by Supabase if you are using their built-in email service.
To remove it, you must configure Custom SMTP in your Supabase Project Settings.
Once configured, you can edit the Email Templates to remove the footer. -
Does this plugin sync users to the WordPress database?
-
Yes, but efficiently.
A WordPress user record is created (or updated) only when a user successfully logs in via Supabase.
This ensures that users exist in WordPress for compatibility with other plugins (like WooCommerce or membership plugins), but authentication is handled by Supabase. -
Does logging out of WordPress log me out of Supabase?
-
Yes.
The plugin detects the WordPress logout action and triggers a sign-out request to Supabase on the frontend, ensuring both sessions are terminated. -
What happens if I delete a user from WordPress?
-
If you have configured the Service Role Key in the settings, deleting a user from the WordPress admin screen will also delete the corresponding user from your Supabase project.
-
What happens if a Google-registered user tries to reset their password?
-
The plugin’s “Smart Check” feature detects that the email is associated with a Google provider.
Instead of sending a reset email (which wouldn’t work), it displays a helpful message advising the user to log in with Google. -
Can Administrators log in via the Supabase form?
-
No. For security reasons, users with
administratorprivileges are blocked from logging in via the frontend Supabase forms.
Admins should continue using the default/wp-login.phpor/wp-admin. -
Where can I find the Redirect URL for Google Login?
-
If you use Google Login, you need to add your site’s URL to the Redirect URLs in Supabase (Authentication > URL Configuration).
Usually, this is just your site’s home URL (e.g.,https://example.com).
Reviews
There are no reviews for this plugin.
Contributors & Developers
“Edel Auth for Supabase” is open source software. The following people have contributed to this plugin.
Contributors
Translate “Edel Auth for Supabase” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.0.2
- Updated documentation link and developer hooks instructions.
- Fixed code block formatting issues in readme.
1.0.1
- Fixed file naming issues and updated branding.
1.0.0
- Initial release.