Mugetsu
Mugetsu2y ago

NextJs middleware broken by tRPC

Hi, I have a NextJs middleware that is redirecting to the login page. Basically an Auth guard over my all pages and apis but I have a problem with tRPC api routes. Whenever NextJs middleware pickup /api/trpc call and there is no session it tries to redirect to the login page breaking the redirect and trpc itself. Is there a way to get this working so redirect would actually work as expected?
13 Replies
Alex / KATT 🐱
Alex / KATT 🐱2y ago
You might need a custom link at the end to deal with it Unsure what you expect the trpc api request to do here though
Mugetsu
Mugetsu2y ago
yeah I was looking at links but cant actually get to understand them
Alex / KATT 🐱
Alex / KATT 🐱2y ago
I think you should exclude the trpc api requests in your middleware
Mugetsu
Mugetsu2y ago
But then i need to handle unathorized on the client side like in queryclientconfig. I was expecting I would be able to handle this with nextjsmiddleware which would be much simpler having guard in one place
Alex / KATT 🐱
Alex / KATT 🐱2y ago
You're on your own here, I'm afraid. Nextjs middlewares have a lot unexpected behaviours when it overrides the api calls like this - I don't use them myself and don't have the capacity to solve your problems with them
Mugetsu
Mugetsu2y ago
I see. Yeah I've been searching for a few days already. I guess I will go with client handle for trpc then. Thanks for quick response tho @alex / KATT . Loving tRPC keep up the good work ❤️
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
Mugetsu
Mugetsu2y ago
@Bennett My usecase is simple. I dont need to expose my api to external clients so its pure backend for fronted api and everything of the app must be gated behind OneLogin oauth. So Ideally with use of the nextJs middleware I suppose to be able to authorise my app within single place for all my page routes and api routes. With middleware I should be able to achieve checking/validating the authorisation before request even hits my api endpoints. So there would be no extra trip to server for it to checking auth in trpc context and returning auth status to the client and then action on it. With middleware I can remove that extra layer and handle auth before request even tries reaching that particular api route if my understanding is correct. But what I found is that trpc swallows the redirects due to nature of fetch not being able to redirect document. Here are my findings https://github.com/trpc/trpc/issues/3081
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
Mugetsu
Mugetsu2y ago
@Bennett How the response json should look like then for it to work?? I believe this wont fix the problem as trpc httplinks are swallowing the response if I respond with 401 anyway. 
    return NextResponse.json(
      {
        result: { data: 1 },
      },
      { status: 401 }
    );
    return NextResponse.json(
      {
        result: { data: 1 },
      },
      { status: 401 }
    );
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
Mugetsu
Mugetsu2y ago
Yeah I would like to have some response to the issue but I believe @alex / KATT is currently busy with doing stable release of v10 👀 For now I exclude trpc api from middleware and handle it globally with reactquery onerror but I believe if Im not mistaken that this will be anyway an issue once NextAuth will figure out middleware database sessions instead of jwt. I havent checked if this is also an issue with current nextauth middleware if I find time I will check
Alex / KATT 🐱
Alex / KATT 🐱2y ago
Haha, I'm busy with day to day work, trpc is mainly evenings, weekends, and got half a day a week to work at it during work hours 😅
More Posts
How to infer the output of a mutation? The current methods appear to be depreciated.I am attempting to export the bellow utility function to use client side to infer an output type thaTrouble inferring the type of a very simple structure of nested routersA very simple router results in an inference error, causing the client to not be able to infer the rcalling trpc endpoints from vanilla nextJs api routesI'm struggling to find what's the best way to call a trpc endpoint directly from the server. BasicalMultiple React providersGood morning! Is there any workaround, how to use multiple trpc-client instances with react-query? IMutation type issueI'm trying to mutate something like this with tRPC and Prisma ```const updateColumn = trpc.project.uCan I redirect the user from inside my router?I have a query protectedProcedure, which returns an object from my prisma planetscale db What's theWhich http library trpc uses in the frontend?I was wondering if`trpc` uses the `Fetch API` or uses something like `Axios` to do API calls from thuseQueryClient is not working as expectedSo before v10 I was simply using useQueryClient and had my `queryClient` strongly typed. Now I movedInfer the type of ctx for a specific procedureLet's say I had a helper function that I wanted to pass the context to, I can't use the default ContCORS in standalone serverHi, I'm trying to get CORS working in standalone server. Attempted this solution but unfortunately