MikeWatch Forks of the Mike legal-AI codebase, distilled for legal-tech readers
Home · juanjo/mike · this thread

juanjo cuts Mike's cord to Supabase

The frontend now talks to its own backend through a cookie, not a hosted auth service - and the whole stack boots from a single command.

infrastructuresecurity

juanjo has finished pulling Supabase out of Mike entirely. Supabase was doing double duty as the hosted database and the login system; both now run locally. The browser side has been rewired to authenticate through a cookie issued by Auth.js (an open-source login library for Next.js apps) and to talk to the backend over same-origin URLs, instead of carrying a bearer token to a hosted service.

The practical result: a fresh contributor can clone the repo, run one Docker command, and have a working stack - Postgres for data, MinIO standing in for cloud object storage, login working end-to-end - without signing up for anything. The team also added a profile-update endpoint so user records flow through the backend rather than a third-party SDK.

So what For legal-tech leads evaluating Mike forks: this one is now self-hostable from day one, with no vendor accounts required to try it.

View this fork on GitHub →

Spotted something wrong? Or know the PR text has fresher detail than the writeup above?

Commits in this thread

5 commits from juanjo/mike, oldest first. Source extracted verbatim from the harvested git log.

SHA Subject Author Date
dde61d26 feat(frontend): drop Supabase auth from hooks (use cookie credentials) Juan Vidal 2026-05-08 ↗ GitHub
commit body 
Replace supabase.auth.getSession()+Bearer header pattern with
credentials:"include" across useFetchSingleDoc, useFetchDocxBytes,
and useDocumentVersions. Switch absolute NEXT_PUBLIC_API_BASE_URL
URLs to relative /api/backend/* so the Next.js rewrite forwards
the Auth.js session cookie automatically.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
fca7df4c feat(frontend): drop Supabase auth from components (use cookie credentials) Juan Vidal 2026-05-08 ↗ GitHub
commit body 
Replace supabase.auth.getSession()+Bearer header pattern with
credentials:"include" in DocPanel (EditResolveButtons + DownloadButton),
DocxView (tagWIdsOnRenderedDom), EditCard (handle), and AssistantMessage
(BulkEditActions + DocDownloadBlock). Switch all absolute
NEXT_PUBLIC_API_BASE_URL URLs to relative /api/backend/* paths.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
c3bdd90f feat(frontend): rewrite lib/auth.ts to use Auth.js instead of Supabase Juan Vidal 2026-05-08 ↗ GitHub
commit body 
Replace the Bearer-token validation via Supabase with Auth.js's auth()
call. getUserFromRequest no longer takes a NextRequest argument since
Auth.js reads the session cookie internally.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
10d66a58 feat(backend): add PATCH /user/me for profile updates Juan Vidal 2026-05-08 ↗ GitHub
125982eb feat(frontend): migrate UserProfileContext to backend API; delete lib/supabase.ts Juan Vidal 2026-05-08 ↗ GitHub

Capture this thread into my fork

Download a single Markdown prompt that tells Claude how to port every commit above into your working tree — adapting paths and structure to match your repo. Run it via claude -p < capture-thread-184.md from inside the repo you want the changes in.

⬇ Download capture-thread-184.md