NextAuth session injection

Hello, I am pretty new to T3 stack and Next.js (

App Router

App Router

App Router

App Router). I am working on an application, it should support 2 types of authentications.

The first one is OAuth with NextAuth, the second is a sophisticated third-party script ID provider, let's call it

ScriptAuth

ScriptAuth

ScriptAuth

ScriptAuth. The app requires user to be logged in, so all the pages are unaccessible, until user is logged it.

While OAuth is simple, ScriptAuth works like that:

an external script is loaded via
```
<Script src="..." onReady={createGlobalObject}>
```
<Script src="..." onReady={createGlobalObject}>
```
<Script src="..." onReady={createGlobalObject}>
```
<Script src="..." onReady={createGlobalObject}>
, which creates a global object, representing that ScriptAuth data.
a tRPC request is performed with this data from the script
the server validates the data, and if it is valid, the user should be considered authenticated, otherwise - the app redirects them to the OAuth login page. I can make server return a token at this point, then store it on the client and use it as the prove of identity.

The problem is: even if the user is logged in with

ScriptAuth

ScriptAuth

ScriptAuth

ScriptAuth, tRPC server assumes 403, which is expected, because the ScriptAuth workflow never creates the session. I need a way to inject state of session into the NextAuth context, so it will allow protected requests via ScriptAuth-ed users. I have no idea how to do it.

riprsaOP•7/10/24, 10:58 AM

Basically, 3) can return a JWT token with some credentials and set it to cookies. I need a way to make sure NextAuth.js understands that this JWT is legit.

riprsaOP•7/10/24, 3:18 PM

document.cookie = "next-auth.session-token=" + req.data.identity.token;document.cookie = "next-auth.session-token=" + req.data.identity.token;

NextAuth session injection

Similar Threads

Similar Threads

Similar Threads