Skip to content

Add User Banning Functionality with bannedUntil Field #1225

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Add User Banning Functionality with bannedUntil Field #1225

wants to merge 3 commits into from

Conversation

ahmtydn
Copy link

@ahmtydn ahmtydn commented Sep 18, 2025

Summary

Add user banning functionality with bannedUntil field and isBanned computed property to the User class.

Changes Made ✅

Core Implementation

  • Added bannedUntil field: Nullable String property to store ban expiration timestamp
  • Added isBanned computed property: UTC-based validation to check if user is currently banned
  • JSON serialization: Full support for parsing banned_until from API responses
  • Backward compatibility: All changes are non-breaking, existing code unaffected

Technical Details

class User {
  final String? bannedUntil;  // New field
  
  bool get isBanned {         // New computed property
    if (bannedUntil == null) return false;
    try {
      final banExpiration = DateTime.parse(bannedUntil!);
      final now = DateTime.now().toUtc();
      return now.isBefore(banExpiration);
    } catch (e) {
      return false;  // Safe fallback for invalid dates
    }
  }
}

Usage Example

final user = Supabase.instance.client.auth.currentUser;

if (user?.isBanned == true) {
  print('User is banned until: ${user!.bannedUntil}');
  // Handle banned user logic
} else {
  // Normal user flow
}

Backend Requirements 🔄

This frontend implementation is ready but requires backend support:

  1. Database Schema: Add banned_until timestamptz column to auth.users table
  2. API Response: Include banned_until field in user object responses
  3. Server Validation: Implement ban checking on server endpoints

Database Migration Needed:

ALTER TABLE auth.users ADD COLUMN banned_until timestamptz;

Expected API Response Format:

{
  "id": "user-id",
  "email": "[email protected]",
  "banned_until": "2025-12-31T23:59:59.000Z",
  // ... other user fields
}

Current Status

  • ✅ Frontend parsing ready
  • ✅ UTC timezone handling implemented
  • ✅ Backward compatible
  • 🔄 Waiting for backend banned_until field support

Once backend adds the banned_until field to API responses, this feature will work automatically.

Testing

The implementation includes robust error handling:

  • Safe parsing of ISO 8601 date strings
  • UTC timezone normalization for global consistency
  • Graceful fallback for invalid date formats
  • Null safety throughout

Compatibility

  • Dart SDK: Compatible with existing version requirements
  • Breaking Changes: None - all changes are additive
  • Migration: No client-side migration needed

Next Steps

Seeking backend team collaboration to:

  • Add database migration for banned_until column
  • Update API responses to include the field
  • Implement server-side ban validation
  • Add admin endpoints for user ban management (optional)

The client-side implementation is production-ready! 🚀

Files Changed

  • packages/gotrue/lib/src/types/user.dart - Added bannedUntil field and isBanned method

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ahmtydn