T

How are people handling authorization?

How are people handling authorization?

Jjonasmerlin

2/7/2023

I noticed that with V10, any mentions of trpc-shield are gone from the documentation. Also, it only has 200 stars on GH, which is not that much when compared to tRPC itself. So I would be interested in how you're are handling authorization when using tRPC?

Nnlucas

2/7/2023

Home-rolled tRPC middleware It’s only around 20-30 lines of code because you probably have some verifier library for whatever auth method you’re using, so you just grab the header and verify it, then attach the middleware to a baseProcedure and use it Throw a TRPCError with appropriate code on failure of course

Jjonasmerlin

2/7/2023

Hey, thanks for your answer! Can you maybe go into a bit more detail on this? Or do you maybe even have an example?

Nnlucas

2/7/2023

There’s not much detail to go into. Take a look at the middleware docs for that piece. What are you using for auth?

Jjonasmerlin

2/7/2023

Right now, I'm using NextAuth

Nnlucas

2/7/2023

Isn’t that just an an adapter for other providers? Are you using some other provider or something baked into Next?

Jjonasmerlin

2/7/2023

I haven't settled on providers yet but I'm aiming for a mix of a few in addition to providing mail/password probably Discord, Github, Google In addition to mail/password and mayybe magic links

Nnlucas

2/7/2023

Got it There may be a way to keep using next auth, I’m aware a lot of people integrate tRPC and next quite tightly but I have no experience with it personally For social providers I guess you are looking at more of a auth framework. But either way you might not find a mature trpc integration just yet and be best to use the lower level APIs to implement it I’ve used tools like Azure b2c and Okta which often do have social auth support too, and they’ll give you just a simple verifier library like I mentioned originally

Iisaac_way

2/10/2023

If you’ve just started on your app, maybe consider using create-t3-app to generate you project. It sets up next auth for you

Looking for more? Join the community!

T

How are people handling authorization?

T

How are people handling authorization?

Recommended Posts

Vitest context router callerHi, Im trying to setup vitest to test trpc. I would like to have a trpc approuter caller to be acces Cannot read properties of undefined (reading 'data') of res.error.data, when trpc errors outHello everyone, I am using `@trpc/react-query` alongside `trpc` for express, and I am experiencing a Extending middlewareshttps://trpc.io/docs/middlewares#extending-middlewares Is this available?Calling a trpc endpoint inside of a trpc endpointHey all. I'm wondering how I am able to call these endpoints from within themselves? For example,Frozen input paramIs it possible to define a parameter on input schema (zod) that will have a hardcoded/frozen value w type mismatch between tRPC return (in sveltekit) and defined typei've got this piece of code: ```ts read: async () => { const res = await trpc($page).getCards.quer pre fetch serveral prodecures dynamicallyHello!. I'm developing a React Native app which needs an offline mode for some assets that the user procedure input contextIs it possible to accesss context in trpc procedure input validation? I have an aray of values in t Is it normal to separate resolvers from routers?Wondering if it's common and/or whether it's a good idea to attempt to separate procedures from the i have an infinite loop within my hook but apps works as expected.when i console log inside this hook, it repeats non-stop every few seconds, but my app is working as trpc query running twiceHey guys. I have a trpc endpoint which makes a request to the discord api to fetch a list of the use tRPC Call To ServerOn the mobile version of my app, in NextJS, the build has to be static so I have to use my hosted we Get count of stages assigned to user with stage name?Need help in writing prisma query to get stages assigned to user with stage name? this is the scheme TRPC global loading pageHey. With trpc/nextjs I'm wondering if its possible to have a global loading context/state which is Multiple Clients/Services In tRPC ContextI know it's typical to pass around the prisma client in the trpc context, is the same true for other Use middleware to send responseHello, how can I send a response from the middleware without executing the input, such as making a c dynamic router creationhas anyone been able to create a dynamic router? e.g. i pass in the schema and some metadata and it Type issue react query with enabled.We migrate to trpc and using @tanstack/react-query directly to the trpc syntax of trpc.procedureName TRPCClientError: Unexpected end of JSON inputHey I am running into this issue when calling a `mutateAsync` in production in Vercel (**the error d Is it ok to use a createCaller() router within ServerSideProps?The official trpc docs shown an example of how to use the SSGHelper router within SSPs. The procedur