Supabase Edge Functions with Meridian

Verify Meridian license tokens at the edge before touching your database.

supabase/functions/verify-license/index.ts

import { serve } from "https://deno.land/std/http/server.ts";

serve(async (req: Request) => {
  const token = req.headers.get("Authorization")?.replace("Bearer ", "");
  if (!token) {
    return new Response(JSON.stringify({ valid: false }), {
      status: 401,
      headers: { "Content-Type": "application/json" },
    });
  }

  const res = await fetch("https://api.meridian.sh/v1/verify", {
    method: "POST",
    headers: {
      "Authorization": `Bearer ${token}`,
      "Content-Type": "application/json",
    },
    body: JSON.stringify({ product_id: "nimbus" }),
  });

  const data = await res.json();
  if (!data.valid) {
    return new Response(JSON.stringify({ valid: false }), {
      status: 403,
      headers: { "Content-Type": "application/json" },
    });
  }

  // Token valid — proceed to DB query or RPC
  return new Response(JSON.stringify({ valid: true, user: data.user }), {
    status: 200,
    headers: { "Content-Type": "application/json" },
  });
});

Deploy this function via supabase functions deploy verify-license. Call it from your frontend with the Meridian session token in the Authorization header. Invalid tokens never reach your database logic.

Back to docs Dashboard →