You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have setup t3 app with nextAuth + trpc. I'm wondering what is best practice to assign user roles to session in nextAuth config, as I don't want to do refetch on every endpoint?
As I understand in this setup I use databse strategy so JWT callback won't work?
Should I just put this fetch inside Session callback or somewhere else? I'm scared that it will be fired too much, I'm not sure how offten session is checked -> https://next-auth.js.org/configuration/callbacks#session-callback. Tried to find an example or some info on it in docs and google but could not.
Is it even a good direction? Or is it better to check if user is an admin for specific endpoint or in my case create special procedure for trpc?
This is my nextauth config:
import{typeDefaultSession,typeNextAuthConfig}from"next-auth";importDiscordProviderfrom"next-auth/providers/discord";import{db}from"@/server/db";/** * Module augmentation for `next-auth` types. Allows us to add custom properties to the `session` * object and keep type safety. * * @see https://next-auth.js.org/getting-started/typescript#module-augmentation */declare module "next-auth"{interfaceSessionextendsDefaultSession{user: {id: string;}&DefaultSession["user"];}// interface User {// // ...other properties// // role: UserRole;// }}/** * Options for NextAuth.js used to configure adapters, providers, callbacks, etc. * * @see https://next-auth.js.org/configuration/options */exportconstauthConfig={providers: [DiscordProvider,/** * ...add more providers here. * * Most other providers require a bit more work than the Discord provider. For example, the * GitHub provider requires you to add the `refresh_token_expires_in` field to the Account * model. Refer to the NextAuth.js docs for the provider you want to use. Example: * * @see https://next-auth.js.org/providers/github */],adapter: PrismaAdapter(db),callbacks: {session: ({ session, user })=>{return{
...session,user: {
...session.user,id: user.id,},};},},}satisfiesNextAuthConfig;
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Hey!
I have setup t3 app with nextAuth + trpc. I'm wondering what is best practice to assign user roles to session in nextAuth config, as I don't want to do refetch on every endpoint?
As I understand in this setup I use databse strategy so JWT callback won't work?
Should I just put this fetch inside Session callback or somewhere else? I'm scared that it will be fired too much, I'm not sure how offten session is checked -> https://next-auth.js.org/configuration/callbacks#session-callback. Tried to find an example or some info on it in docs and google but could not.
Is it even a good direction? Or is it better to check if user is an admin for specific endpoint or in my case create special procedure for trpc?
This is my nextauth config:
Beta Was this translation helpful? Give feedback.
All reactions