Explore posts from servers
TTCTheo's Typesafe Cult
Created by riprsa on 7/10/2024 in #questions
NextAuth session injection
Hello, I am pretty new to T3 stack and Next.js (App Router). I am working on an application, it should support 2 types of authentications. The first one is OAuth with NextAuth, the second is a sophisticated third-party script ID provider, let's call it ScriptAuth. The app requires user to be logged in, so all the pages are unaccessible, until user is logged it. While OAuth is simple, ScriptAuth works like that: 1. an external script is loaded via <Script src="..." onReady={createGlobalObject}>, which creates a global object, representing that ScriptAuth data. 2. a tRPC request is performed with this data from the script 3. the server validates the data, and if it is valid, the user should be considered authenticated, otherwise - the app redirects them to the OAuth login page. I can make server return a token at this point, then store it on the client and use it as the prove of identity. The problem is: even if the user is logged in with ScriptAuth, tRPC server assumes 403, which is expected, because the ScriptAuth workflow never creates the session. I need a way to inject state of session into the NextAuth context, so it will allow protected requests via ScriptAuth-ed users. I have no idea how to do it.
4 replies
Created by riprsa on 7/7/2024 in #❓-help
Cannot figure out the correct type
I am trying to use tRPC outside of React. I use it in React, but I need a separate way to use it. I found out about trpc.useUtils().client, which is perfect. But I want to make it a global object for CSR components. I cannot figure out the right type to include in to the declaration. Thank you
5 replies