feat(next-auth): add getServerAuthSession #289
Conversation
|
Would you mind making the same change to next? |
There was a problem hiding this comment.
Great! Would be good with some refactoring to take advantage of this wrapper in the other places too:
create-t3-app/template/addons/trpc/auth-context.ts
Lines 14 to 15 in 9392374
create-t3-app/template/addons/trpc/auth-prisma-context.ts
Lines 15 to 16 in 9392374
You mean the restricted route without tRPC? https://github.com/t3-oss/create-t3-app/blob/main/template/addons/next-auth/restricted.ts |
I mean submitting the PR to the Next branch as well. Otherwise I'll do it after no problem |
Oh, okay! I will wait for this branch to be 100% ready to merge and will open another PR for the next branch |
There was a problem hiding this comment.
Concerned this is a lot of changes for a feature I don't see as super useful (and quite prescriptive). Many users might prefer to render a sign-in component on a "protected route" instead. The as bindings also scare me a bit as they weren't necessary before 🤔
Not hard stanced either way just some thoughts
I think you got a point there about the sign-in component, but I think most users will find an example for a basic protected route with SSR very helpful as a starting point. also, we're not inferring any return of the session or how you should use it. about the inferring, yeah I also didn't like it when I committed haha I preferred to wait for your opinions on it. I needed to put it because the for short, I do think it's better if we just use the helper in the protected page and the restricted route, what do you guys think? |
Yea I am good either way. It isn't a big deal to make myself when I end up needing it, but it is a nice to have to only import a single thing and not passing the nextAuthOptions around everywhere.
Yea from what I can tell we should be good removing the optional here. This is the underlying typedef: export type NodeHTTPCreateContextFnOptions<TRequest, TResponse> = {
req: TRequest;
res: TResponse;
};
export type NodeHTTPCreateContextFn<
TRouter extends AnyRouter,
TRequest,
TResponse,
> = (
opts: NodeHTTPCreateContextFnOptions<TRequest, TResponse>,
) => inferRouterContext<TRouter> | Promise<inferRouterContext<TRouter>>;What are your thoughts on this @nexxeln |
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
…rver-auth-session
Feat/get server auth session
|
sorry for sitting on this for so long, made the updates removing the type inferring on de arguments of also updated the |
|
Hi there! First, thank you for your contribution. I think this is too opinionated for create-t3-app. This protected page is using Just saying that it can be misleading. EDIT: And next-auth session management breaks on every next.js release. We shouldn't trust it enough to put it that much on a cli. Cheers, |
Seems fair. We declined protected routes before so maybe we should be careful now too. Perhaps only use it to get the auth session in the example api endpoint as well as the tRPC context then. |
|
Moved to #366 |
Add getServerAuthSession helper and a Protected route using it
✅ CHECKS
📝 CHANGELOG
unstable_getServerSessionfromnext-auth.Protectedroute as well💯