Skip to content

daemontechtools/strapi-provider-upload-supabase-storage

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
lib
lib
 
 
.gitignore
.gitignore
 
 
.npmignore
.npmignore
 
 
README.md
README.md
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
tsconfig.json
tsconfig.json
 
 

Repository files navigation

Strapi Upload Provider for Supabase Storage

This provider was based on Strapi's official AWS S3 Provider but adapted for Supabase's Storage API

Links

Installation

# using yarn
yarn add strapi-provider-upload-supabase-storage

# using npm
npm install strapi-provider-upload-supabase-storage --save

Configuration

  • provider defines the name of the provider
  • providerOptions is passed down during the construction of the provider. (ex: supabase.createClient(apiUrl, apiKey, options)). Complete list of options
  • actionOptions is passed directly to the parameters to each method respectively. You can find the complete list of upload/ uploadStream options. There are currently no options for delete.

Provider Configuration

./config/plugins.js or ./config/plugins.ts for TypeScript projects:

module.exports = ({ env }) => ({
  // ...
  upload: {
    config: {
        provider: 'strapi-provider-upload-supabase-storage',
        providerOptions: {
            apiKey: env('SUPABASE_API_KEY'),
            apiUrl: env('SUPABASE_API_URL'),
            bucket: {
                name: 'strapi-uploads',
                public: true
            },
        },
        actionOptions: {
            upload: {},
            uploadStream: {},
        },
    },
  },
  // ...
});

Security Middleware Configuration

Due to the default settings in the Strapi Security Middleware you will need to modify the contentSecurityPolicy settings to properly see thumbnail previews in the Media Library. You should replace strapi::security string with the object bellow instead as explained in the middleware configuration documentation.

./config/middlewares.js

module.exports = ({ env }) => [
  // ...
  {
    name: 'strapi::security',
    config: {
      contentSecurityPolicy: {
        useDefaults: true,
        directives: {
          'connect-src': ["'self'", 'https:'],
          'img-src': [
            "'self'",
            'data:',
            'blob:',
            env('SUPABASE_API_URL'),
          ],
          'media-src': [
            "'self'",
            'data:',
            'blob:',
            env('SUPABASE_API_URL'),
          ],
          upgradeInsecureRequests: null,
        },
      },
    },
  },
  // ...
];

Bucket Privacy

This provider allows you to configure your Bucket to be private. However, doing so will mean that the url returned to Strapi won't be publically accessible. This will break things like asset thumbnails in Strapi's Media Library as you won't be able to reference your assets from any public frontend. While you'll still be able to delete these assets from Strapi, any other read/write actions will need to be authenticated with Supabase and satisfy the Bucket's Security Policy.

About

A Supabase Storage provide for Strapi Upload

Resources

Readme
Activity
Custom properties

Stars

4 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages