From d5a3b0e12b9aa3eb17fbd7793d4389da313792b4 Mon Sep 17 00:00:00 2001 From: Daniel Date: Wed, 30 Oct 2024 20:07:20 -0300 Subject: [PATCH] docs: add extension and fix link --- content/docs/extensions/extensions-intro.md | 2 ++ content/docs/extensions/pg-extensions.md | 1 + content/docs/guides/neon-authorize.md | 2 +- 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/content/docs/extensions/extensions-intro.md b/content/docs/extensions/extensions-intro.md index 49b4b29c21..f21f9f1090 100644 --- a/content/docs/extensions/extensions-intro.md +++ b/content/docs/extensions/extensions-intro.md @@ -251,6 +251,8 @@ Explore supported Postgres extensions by category. Also see: +pg_session_jwt + pgcrypto pgjwt diff --git a/content/docs/extensions/pg-extensions.md b/content/docs/extensions/pg-extensions.md index 46ecc34b9c..ec2ce1c2b3 100644 --- a/content/docs/extensions/pg-extensions.md +++ b/content/docs/extensions/pg-extensions.md @@ -51,6 +51,7 @@ Postgres 17, released in September 2024, currently lacks support for several ext | [pg_partman](https://github.com/pgpartman/pg_partman) | 5.1.0 | 5.1.0 | 5.1.0 | 5.1.0 | | | [pg_prewarm](/docs/extensions/pg_prewarm) | 1.2 | 1.2 | 1.2 | 1.2 | | | [pg_roaringbitmap](https://github.com/ChenHuajun/pg_roaringbitmap) | 0.5 | 0.5 | 0.5 | 0.5 | Install with `CREATE EXTENSION roaringbitmap;` | +| [pg_session_jwt](/docs/guides/neon-authorize#how-the-pgsessionjwt-extension-works) | 0.1.2 | 0.1.2 | 0.1.2 | - | | | [pg_stat_statements](/docs/extensions/pg_stat_statements) | 1.9 | 1.10 | 1.10 | 1.11 | | | [pg_tiktoken](/docs/extensions/pg_tiktoken) | 0.0.1 | 0.0.1 | 0.0.1 | - | The [neon_superuser](/docs/manage/roles#the-neonsuperuser-role) role has `EXECUTE` privilege on the `pg_stat_statements_reset()` function. | | [pg_trgm](/docs/extensions/pg_trgm) | 1.6 | 1.6 | 1.6 | 1.6 | | diff --git a/content/docs/guides/neon-authorize.md b/content/docs/guides/neon-authorize.md index 99e5ca3d75..f740629288 100644 --- a/content/docs/guides/neon-authorize.md +++ b/content/docs/guides/neon-authorize.md @@ -40,7 +40,7 @@ const sql = neon(process.env.DATABASE_AUTHENTICATED_URL, { authToken: myAuthProv await sql(`select * from todos`); ``` -Behind the scenes, the [Neon Proxy](#the-role-of-the-neon-proxy) performs the validation, while Neon's open source [pg_session_jwt](#how-the-pg_session_jwt-extension-works) extension makes the extracted `user_id` available to Postgres. You can then use **Row-Level Security (RLS)** policies in Postgres to enforce access control at the row level, ensuring that users can only access or modify data according to the defined rules. Since these rules are implemented directly in the database, they can offer a secure fallback — or even a primary authorization solution — in case security in other layers of your application fail. See [when to rely on RLS](#when-to-rely-on-rls) for more information. +Behind the scenes, the [Neon Proxy](#the-role-of-the-neon-proxy) performs the validation, while Neon's open source [pg_session_jwt](/docs/guides/neon-authorize#how-the-pgsessionjwt-extension-works) extension makes the extracted `user_id` available to Postgres. You can then use **Row-Level Security (RLS)** policies in Postgres to enforce access control at the row level, ensuring that users can only access or modify data according to the defined rules. Since these rules are implemented directly in the database, they can offer a secure fallback — or even a primary authorization solution — in case security in other layers of your application fail. See [when to rely on RLS](#when-to-rely-on-rls) for more information. ![neon authorize architecture](/docs/guides/neon_authorize_architecture.png)