Last updated: Aug 1, 2025, 02:40 PM UTC

Authentication System Cleanup Summary

Overview

All references to the old client-side authentication system have been removed from @knowcode/doc-builder. The project now exclusively uses Supabase for authentication needs.

Changes Made

1. Removed Files

  • /assets/js/auth.js - Old client-side auth script deleted

2. Updated Documentation

  • /docs/guides/authentication-guide.md - Completely rewritten for Supabase only
  • /docs/guides/public-site-deployment.md - Updated migration section
  • /docs/guides/supabase-auth-setup-guide.md - Removed old auth references
  • /docs/launch/bubble-plugin-specification.md - Updated to Supabase auth
  • Created /docs/guides/supabase-auth-implementation-completed.md - Records completion

3. CLI Updates

  • Updated help text in cli.js to reference Supabase authentication
  • Removed "password protection" terminology
  • All auth references now point to Supabase

4. Configuration Changes

  • Default config has authentication: false
  • Notion preset has authentication: false
  • Only Supabase auth can be enabled with authentication: 'supabase'

Current State

Authentication Options

  1. No Authentication (Default)

    // No config needed - public by default

  2. Supabase Authentication

    features: {
  authentication: 'supabase'
},
auth: {
  supabaseUrl: 'https://xxx.supabase.co',
  supabaseAnonKey: 'xxx',
  siteId: 'xxx'
}

CLI Commands

  • npx @knowcode/doc-builder build - Builds public site by default
  • npx @knowcode/doc-builder build --no-auth - Forces public build
  • npx @knowcode/doc-builder deploy - Deploys based on config
  • npx @knowcode/doc-builder deploy --no-auth - Forces public deployment

What Users Need to Know

  1. Authentication is disabled by default - Public docs work out of the box
  2. Only Supabase is supported - No other auth methods available
  3. Old configs won't work - Must migrate to Supabase if auth needed
  4. Clear documentation - Full guide at /docs/guides/authentication-guide.md

No Traces Remain

  • No username/password fields in config
  • No client-side credential checking
  • No references to "basic auth" in active code
  • No old auth.js files
  • All documentation updated

The cleanup is complete. @knowcode/doc-builder now has a clean, secure authentication system powered exclusively by Supabase.