❓-help

How would you implement basic auth session tokens with tRPC?

Ppjnicolas

7/21/2023

I'm building a hobby app which requires basic auth. I'm used to use express and express-session along a SQL database (for the user data) and Redis (for the session data) to achieve that very easily, but I'm interested in learning tRPC. My app is built in Next.js as a monorepo, and I would like to NOT implement JWT for authentication, just plain old session tokens. I'm thinking in implementing my own version on express-session for tRPC, but that sounds dangerous as I'm not that familiar with the technology or with backend code in general. What would you suggest to keep it simple? I don't want to rely on external services like auth0 or firebase, but keep everything in my own server. This is a hobby app and it's not going to have a lot of active users. Thanks!

AKAlex / KATT 🐱

7/21/2023

i use next-auth with db session only annoying part is that they, for unknown reason, don't allow user/password login with db sessions

Ppjnicolas

7/21/2023

So what do you use if you can't use user/password login? I find that very weird since it's the simplest method of authentication

AKAlex / KATT 🐱

7/21/2023

oauth with different providers and magic link

Iippo

7/22/2023

JWT is just bad for authentication and was never designed as an authentication tool. JWT is an authorization tool by design. (if you are interested I can give you tons and and tons of evidence, articles etc.) Here is a light read: http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ next-auth uses JWTs for its session strategy and as far as I know, there is not really a good and flexible cookie-session next.js alternative so what should you do? If you want to (and also should) use session cookies for authentication go with express-session. In that case you need a custom next.js server that you can easily setup. If you have that you can use all battle tested express modules and have your custom and extremely custom authentication and authorization logic that you can imagine. The other benefit is that you can use sockets easily in your nextjs/trpc app

DDani;

7/22/2023

There is this new tool which is gaining popularity recently: https://github.com/pilcrowOnPaper/lucia

Cchrisjayden

7/23/2023

Lucia is awesome. Started as a SvelteKit lib a long time ago. Came a long way

Looking for more? Join the community!

❓-help

❓-help

Recommended Posts

Example for tRPC, stable version, with RSCHi This may be a stupid question... The readme of the experimental example mentions > Note You Dynamic return typeIs there any way to have dynamic return type with tRPC? Simple example: If I provide x: true on bo Sometimes invalidate not work...hello sometimes invalidate method does not work in `onSuccess` anyone same? using NextJS, pnpm trpc client request size limits?I am sending a pretty sizable request and am seeing ``` [TRPCClientError: JSON Parse error: Unexpec Make tRPC return Bad Request on Zod validation error?As the title says, how can I make tRPC return a proper error message, like a Bad Request, when there Using proxyClient in vercel edge functionHey guys, i want to call my trpc apis inside vercel edge functions. Edge runtime does not have all cookies not being set in procedureThis is all the code for setting my cookie ```js import { publicProcedure, router, userProcedure } f useSubscription simplified with react queryHi Guys, looking for a way to simplify the use of useSubscription. Currently I do the following: 1 Next.js app router catch-all HTTP methodsThe app router already supports the catch-all file for route resolution, but AFAIK still expects sep TRPC Vanilla Client (T3 stack)I'm using the T3 stack (Next + TRPC + etc) and I'm trying to figure out how to do vanilla queries th Multiple Inputs on TRPC Procedure?Essentially I'm trying to pass a cart (array of objects) into a public procedure (doing so fine). I adapter for hono or hattip?we’ve got adapters for express, stand alone node and next. I wonder how easy would it be to make ad Keep getting 500 error response I can't figure outWith both queries and mutations I get back this response saying that there's html in the response an tRPC & redux toolkit queryNode 18, pnpm, ts, vite, toolkit. Cant find any proper info how to use tRPC with toolkit query; If I how can I globally set a "middleware" callback for all onErrors on my React Query calls?this is a little specific but Im struggling on it Im using the TRPC server as a BFF for my backend Upgrading from tRPC v9 and NextJS v12. Should I upgrade NextJS first or tRPC?I have an app built from the tRPC + NextJS + Prisma starter, and I'd like to upgrade from tRPC v9 an prefetchinfinite not working when inputs are differentIve been trying to figure out why prefetching doesnt work when the inputs are different between pref tRPC + App directory + SSR - current state?What is the current state of the technologies working together with or without SSR? It looks like so Hydration failed because the initial UI does not match what was rendered on the server```Unhandled Runtime Error Error: Hydration failed because the initial UI does not match what was re React tsc starts checking server typesMy tsconfig files are different on the server and client. When I run "tsc" on react client, It is tr