chore(backend): Add helper type for auth helpers without request parameters #6910

wobsoriano · 2025-10-03T15:31:52Z

Description

This PR introduces a internal GetAuthFnNoRequest type for auth()/getAuth() helpers that don't require a request parameter (Next.js, Astro, Nuxt, TanStack Start) and consolidates auth function type definitions across all Clerk SDKs. This eliminates type duplication and ensures consistency between SDKs without request/context parameters.

const authObj = auth({ acceptsToken: 'session_token' }) // nextjs
const authObj = getAuth({ acceptsToken: 'session_token' }) // Astro, Nuxt, TanStack Start

For context, we also have a GetAuthFn shared helper type, but it is for SDKs like Express, Fastify and React Router where a request/context param is required:

const auth = getAuth(request, { acceptsToken: 'session_token' })

This is a purely internal refactoring that maintains the same public API.

Checklist

pnpm test runs as expected.
pnpm build runs as expected.
(If applicable) JSDoc comments have been added or updated for any package exports
(If applicable) Documentation has been updated

Type of change

Summary by CodeRabbit

New Features
- Session-based auth objects now expose redirect helpers and a variant of auth usable without a request/context.
Refactor
- Public auth types simplified and unified across frameworks for more consistent usage.
Documentation
- Added note describing the helper type for request-less auth calls.
Tests
- Type tests updated to cover request-less auth flows and adjusted assertions.
Chores
- Patch dependency bumps across Clerk packages.

changeset-bot · 2025-10-03T15:31:56Z

🦋 Changeset detected

Latest commit: 6471cc3

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 11 packages

Name	Type
@clerk/astro	Patch
@clerk/backend	Patch
@clerk/express	Patch
@clerk/fastify	Patch
@clerk/nextjs	Patch
@clerk/nuxt	Patch
@clerk/tanstack-react-start	Patch
@clerk/agent-toolkit	Patch
@clerk/react-router	Patch
@clerk/remix	Patch
@clerk/testing	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

vercel · 2025-10-03T15:31:57Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
clerk-js-sandbox	Ready	Preview	Comment	Oct 7, 2025 3:16pm

coderabbitai · 2025-10-03T15:32:05Z

Walkthrough

Type-level refactors expose AuthOptions and add GetAuthFnNoRequest; framework adapters and middleware signatures switch to these types; session-auth-with-redirect types are exported in Astro and Next.js; Nuxt tests move from event.locals → event.context; a changeset records dependency bumps. No runtime behavior changes.

Changes

Cohort / File(s)	Summary
Changeset and dependencies `.changeset/real-trainers-knock.md`	Patch-level dependency bumps across Clerk packages; added note about an internal helper type; no runtime or public API behavior changes.
Backend public types & re-exports `packages/backend/src/tokens/types.ts`, `packages/backend/src/internal.ts`	`AuthOptions` made exported; new `GetAuthFnNoRequest` interface added; `internal.ts` re-exports the types. No runtime changes.
Backend type tests `packages/backend/src/tokens/__tests__/getAuth.test-d.ts`	Tests reworked to cover request vs no-request auth signatures; switched assertions to `toExtend`; added `RedirectFun` and discriminated-union async paths.
Astro types & middleware `packages/astro/src/server/types.ts`, `packages/astro/src/server/clerk-middleware.ts`	Exported `SessionAuthObjectWithRedirect`; replaced overload-based `AuthFn` with `GetAuthFnNoRequest<SessionAuthObjectWithRedirect>`; removed local `AuthOptions` alias and `ClerkMiddlewareAuthObject`; `redirectToSignIn` now typed from `SessionAuthObjectWithRedirect`.
Next.js app-router auth & middleware `packages/nextjs/src/app-router/server/auth.ts`, `packages/nextjs/src/server/clerkMiddleware.ts`	Exported `SessionAuthWithRedirect` (redirects typed to `RedirectFun<ReturnType<typeof redirect>>`); simplified `AuthFn` to `GetAuthFnNoRequest<SessionAuthWithRedirect, true> & { protect: AuthProtect }`; middleware auth type changed to `AuthFn`.
Framework getAuth adapters `packages/express/src/getAuth.ts`, `packages/fastify/src/getAuth.ts`, `packages/tanstack-react-start/src/server/getAuth.ts`	Replaced local/previous option types with `AuthOptions` in imports and function parameter types; removed prior local option aliases; runtime logic unchanged aside from option shape.
Nuxt types & tests `packages/nuxt/src/runtime/server/types.ts`, `packages/nuxt/src/runtime/server/__tests__/auth.test-d.ts`	Public `AuthFn` simplified to `GetAuthFnNoRequest`; tests migrated from `event.locals.` → `event.context.` and from `toMatchTypeOf` → `toExtend`; updated discriminated-union checks.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

I twitch my whiskers at exported types,
Hop through sessions and redirect lights.
No runtime hops, just signatures neat,
Tests now nibble at context to eat.
A tiny rabbit dance for refactors complete. 🐇✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title clearly summarizes the primary change by indicating a chore to add a helper type for auth functions that do not require request parameters, which aligns with the PR’s objective of introducing GetAuthFnNoRequest and updating frameworks accordingly. It is concise, specific to the main change, and follows conventional commit styling without unnecessary detail. A teammate glancing at history would understand the key intent of the changeset.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing touches

📝 Generate docstrings

🧪 Generate unit tests (beta)

Create PR with unit tests
Post copyable unit tests in a comment
Commit unit tests in branch rob/reuse-auth-fn-without-request

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

coderabbitai

Actionable comments posted: 0

🧹 Nitpick comments (1)

packages/express/src/getAuth.ts (1)

11-15: JSDoc still references the old options type.

We now accept AuthOptions, but the doc block still points to GetAuthOptions. Please update the annotation so the public docs stay accurate.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1c04a32 and 5fb3d59.

📒 Files selected for processing (12)

.changeset/real-trainers-knock.md (1 hunks)
packages/astro/src/server/clerk-middleware.ts (3 hunks)
packages/astro/src/server/types.ts (2 hunks)
packages/backend/src/internal.ts (1 hunks)
packages/backend/src/tokens/__tests__/getAuth.test-d.ts (1 hunks)
packages/backend/src/tokens/types.ts (2 hunks)
packages/express/src/getAuth.ts (1 hunks)
packages/fastify/src/getAuth.ts (1 hunks)
packages/nextjs/src/app-router/server/auth.ts (5 hunks)
packages/nuxt/src/runtime/server/__tests__/auth.test-d.ts (1 hunks)
packages/nuxt/src/runtime/server/types.ts (1 hunks)
packages/tanstack-react-start/src/server/getAuth.ts (1 hunks)

🧰 Additional context used

📓 Path-based instructions (8)

**/*.{js,jsx,ts,tsx}