fix: refactor session handling

server/context.ts

@@ -1,11 +1,16 @@
 import { cookies, headers } from "next/headers"
+import { type Session } from "next-auth"
 
 import { Lang } from "@/constants/languages"
 
 import { auth } from "@/auth"
 
+import { unauthorizedError } from "./errors/trpc"
+
+typeof auth
+
 type CreateContextOptions = {
-  auth: typeof auth
+  auth: () => Promise<Session>
   lang: Lang
   pathname: string
   uid?: string | null
@@ -39,7 +44,15 @@ export function createContext() {
   const webviewTokenCookie = cookie.get("webviewToken")
 
   return createContextInner({
-    auth,
+    auth: async () => {
+      const session = await auth()
+      const webToken = webviewTokenCookie?.value
+      if (!session?.token && !webToken) {
+        throw unauthorizedError()
+      }
+
+      return session || ({ token: { access_token: webToken } } as Session)
+    },
     lang: h.get("x-lang") as Lang,
     pathname: h.get("x-pathname")!,
     uid: h.get("x-uid"),

server/trpc.ts

@@ -41,13 +41,9 @@ export const protectedProcedure = t.procedure.use(async function (opts) {
     throw sessionExpiredError()
   }
 
-  if (!session?.token.access_token && !opts.ctx.webToken) {
-    throw unauthorizedError()
-  }
-
   return opts.next({
     ctx: {
-      session: session || { token: { access_token: opts.ctx.webToken } },
+      session,
     },
   })
 })