Replace Supabase with Auth0 + Heroku Postgres + S3

🟢 open · #1 · rainylabs/mike ← rainylabs/mike · opened 7d ago by mosha101 · self · +3,401-1,280 across 24 files · ↗ on GitHub

From the PR description

Summary

  • Auth: Supabase Auth → Auth0 (drizzling.auth0.com). Backend verifies JWTs via JWKS; an internal public.users table is upserted on every request keyed by auth0_sub.
  • DB: Supabase Postgres → Heroku Postgres add-on. Drizzle ORM is the schema source of truth; route code keeps working through a thin pg-backed Supabase-shape shim at backend/src/lib/supabase.ts so the 11k-line route layer didn't need a rewrite.
  • Storage: Cloudflare R2 → AWS S3 (rainylabs-mike-prod, us-east-1). IAM user mike-backend provisioned with scoped policy; keys stored in Secrets Manager (mike/S3_*).
  • Runtime: New backend/Dockerfile (multi-stage Node 20 + LibreOffice for DOC/DOCX → PDF) and root heroku.yml for Heroku container deploys.
  • Frontend: @supabase/* → @auth0/nextjs-auth0 v4. Auth0 middleware mounts /auth/*; new /auth/profile and /auth/access-token bridge endpoints feed an Auth0-backed shim at frontend/src/lib/supabase.ts so existing supabase.auth.* call sites still work.

What's still needed before this deploys

These are user-driven steps that can't be automated from this PR:

  1. Heroku (heroku auth:whoami is currently unauthed). After logging in:
    • heroku create rainylabs-mike-backend --team rain-developers --stack container --region us
    • heroku addons:create heroku-postgresql:mini -a rainylabs-mike-backend
    • heroku config:set ... with the env from backend/.env.example
    • git push heroku feat/rainylabs-deploy:main (or set up GitHub Actions)
    • Apply schema: heroku pg:psql -a rainylabs-mike-backend < backend/schema.sql
  2. Auth0 (existing drizzling.auth0.com tenant):
    • Create an API with identifier (audience) https://api.mike.rainylabs (or chosen value)
    • Create an SPA application for the Next.js frontend; capture client id + secret
    • Configure callbacks/CORS for the frontend URL
  3. AI provider keys - set ANTHROPIC_API_KEY / OPENAI_API_KEY / GEMINI_API_KEY in Heroku config

Test plan

  • heroku create + add-ons + config vars
  • Push deploy succeeds; container boots; logs show "listening on PORT"
  • curl -H "Authorization: Bearer <auth0-test-token>" https://rainylabs-mike-backend.herokuapp.com/projects returns 200 (after applying schema)
  • Frontend Auth0 login → /auth/profile returns user, /auth/access-token returns access token
  • End-to-end: log in, create a project, upload a doc, run a chat

🤖 Generated with Claude Code
