Our client library is completely modular, so the authentication part works with gotrue (Netlify's auth server). Our client library is here (and yes, stored in local storage): https://github.com/supabase/gotrue-js

> How does the auth front end work?

Once we authenticate the user, the JWT is passed as a header and you can use it in Postgres within Policies (for Row Level Security). We add some helper functions in an auth schema to make this easier