HKSingleParty/99_references/supabase-examples/auth/flutter-mfa

Flutter Supabase MFA Example

A Flutter app demonstrating how to implement Multi-Factor Authentication (MFA) with Supabase and Flutter. A user can sign up, add MFA via an authenticator app, and only after they have signed in using MFA they can view the content from the database.

• Full tutorial article here

Getting Started

• Create a new Supabase project here
• Add your Supabase credentials to lib/main.dart
• Run the following SQL from the SQL editor of your Supabase dashboard to create a table and dummy data

-- Dummy table that contains "secure" information
create table if not exists public.private_posts (
    id int generated by default as identity primary key,
    content text not null
);

-- Dmmy "secure" data
insert into public.private_posts
    (content)
values
    ('Flutter is awesome!'),
    ('Supabase is awesome!'),
    ('Postgres is awesome!');

-- Enable RLS for private_posts table
alter table public.private_posts enable row level security;

-- Create a policy that only allows read if they user has signed in via MFA
create policy "Users can view private_posts if they have signed in via MFA"
  on public.private_posts
  for select
  to authenticated
  using ((select auth.jwt()->>'aal') = 'aal2');

• Run the app and test the login flow 🚀

Resources

• Flutter Tutorial: building a Flutter chat app article
• Flutter Authorization with RLS article
• Supabase docs for Flutter
• Supabase Flutter YouTube playlist