feat: new "safe" procedure without unauth throwing
This commit is contained in:
Christel Westerberg
@@ -2,10 +2,16 @@ import { initTRPC } from "@trpc/server"
|
||||
|
||||
import { env } from "@/env/server"
|
||||
|
||||
import { badRequestError, sessionExpiredError } from "./errors/trpc"
|
||||
import {
|
||||
badRequestError,
|
||||
sessionExpiredError,
|
||||
unauthorizedError,
|
||||
} from "./errors/trpc"
|
||||
import { transformer } from "./transformer"
|
||||
import { langInput } from "./utils"
|
||||
|
||||
import type { Session } from "next-auth"
|
||||
|
||||
import type { Meta } from "@/types/trpc/meta"
|
||||
import type { Context } from "./context"
|
||||
|
||||
@@ -57,6 +63,10 @@ export const protectedProcedure = t.procedure.use(async function (opts) {
|
||||
console.info(`path: ${opts.path} | type: ${opts.type}`)
|
||||
}
|
||||
|
||||
if (!session) {
|
||||
throw unauthorizedError()
|
||||
}
|
||||
|
||||
if (session?.error === "RefreshAccessTokenError") {
|
||||
throw sessionExpiredError()
|
||||
}
|
||||
@@ -67,3 +77,25 @@ export const protectedProcedure = t.procedure.use(async function (opts) {
|
||||
},
|
||||
})
|
||||
})
|
||||
|
||||
export const safeProtectedProcedure = t.procedure.use(async function (opts) {
|
||||
const authRequired = opts.meta?.authRequired ?? true
|
||||
|
||||
let session: Session | null = await opts.ctx.auth()
|
||||
if (!authRequired && env.NODE_ENV === "development") {
|
||||
console.info(
|
||||
`❌❌❌❌ You are opting out of authorization, if its done on purpose maybe you should use the publicProcedure instead. ❌❌❌❌`
|
||||
)
|
||||
console.info(`path: ${opts.path} | type: ${opts.type}`)
|
||||
}
|
||||
|
||||
if (!session || session.error === "RefreshAccessTokenError") {
|
||||
session = null
|
||||
}
|
||||
|
||||
return opts.next({
|
||||
ctx: {
|
||||
session,
|
||||
},
|
||||
})
|
||||
})
|
||||
|
||||
Reference in New Issue
Block a user