-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bug: useSuspenseQuery
will get "UNAUTHORIZED" tRPC error
#1765
Comments
Yup this is a limitation in Next since they don't provide any primitive to access headers from a client component during the SSR prepass phase, so queries made on the server wont be authed... You can fix this by prefetching the data in an RSC and hydrating the query client or pass the initial data as props. Unfortunately not much we can do here, there is a community package https://github.com/moshest/next-client-cookies that "hacks" around it although I've never tried it |
Any update or ways around this? Would be great to use useSuspenseQuery |
I use |
Are you solved this problem? |
I didn't use |
Using this package phryneas/ssr-only-secrets seems to be working great to pass the cookie to the headers on the SSR piece Add a new env variable: // .env.local
SECRET_CLIENT_COOKIE_VAR={"key_ops":["encrypt","decrypt"],"ext":true,"kty":"oct","k":"asdas....","alg":"A256CBC"} I used the code provided to create the key above:
Then in the layout file, access the cookie, encrypt it and pass it to the TRPCReactProvider // app/layout.tsx
import { headers } from "next/headers";
import { TRPCReactProvider } from "@/trpc/react";
export default async function Layout(props: {
children: React.ReactNode;
}) {
const cookie = new Headers(headers()).get("cookie");
const encryptedCookie = await cloakSSROnlySecret(cookie ?? "", "SECRET_CLIENT_COOKIE_VAR")
return <html>
<Head/>
<body>
...
<TRPCReactProvider ssrOnlySecret={encryptedCookie}>
{props.children}
</TRPCReactProvider>
</body>
</.html>
} Then decrypt the value and pass it to the headers on the client side. Reading the value on the browser always returns // trcp/react.ts
"use client";
import { readSSROnlySecret } from "ssr-only-secrets";
import type { AppRouter } from "@beebook/api";
import * as React from "react";
import { QueryClientProvider } from "@tanstack/react-query";
import { loggerLink, unstable_httpBatchStreamLink } from "@trpc/client";
import { createTRPCReact } from "@trpc/react-query";
import SuperJSON from "superjson";
import { getBaseUrl, getQueryClient } from "./utils";
export const api = createTRPCReact<AppRouter>();
export function TRPCReactProvider(props: { ssrOnlySecret: string, children: React.ReactNode }) {
const queryClient = getQueryClient();
const [trpcClient] = React.useState(() =>
api.createClient({
links: [
loggerLink({
enabled: (op) =>
process.env.NODE_ENV === "development" ||
(op.direction === "down" && op.result instanceof Error),
}),
unstable_httpBatchStreamLink({
transformer: SuperJSON,
url: getBaseUrl() + "/api/trpc",
async headers() {
const headers = new Headers();
const secret = props.ssrOnlySecret;
const value = await readSSROnlySecret(secret,"SECRET_CLIENT_COOKIE_VAR")
headers.set("x-trpc-source", "nextjs-react");
if(value) {
headers.set("cookie", value);
}
return headers;
},
}),
],
}),
);
return (
<QueryClientProvider client={queryClient}>
<api.Provider client={trpcClient} queryClient={queryClient}>
{props.children}
</api.Provider>
</QueryClientProvider>
);
} |
Provide environment information
System:
OS: macOS 14.2.1
CPU: (8) arm64 Apple M1 Pro
Memory: 196.13 MB / 16.00 GB
Shell: 5.9 - /bin/zsh
Binaries:
Node: 20.9.0 - ~/.nvm/versions/node/v20.9.0/bin/node
Yarn: 1.22.21 - ~/.nvm/versions/node/v20.9.0/bin/yarn
npm: 10.1.0 - ~/.nvm/versions/node/v20.9.0/bin/npm
pnpm: 8.14.0 - ~/Library/pnpm/pnpm
Describe the bug
If we have a protected api like:
Then we use
useSuspenseQuery
We will get the error
UNAUTHORIZED
fromCleanShot.2024-02-19.at.17.54.35.mp4
You can check the detail of my code in this commit: Crayon-ShinChan/t3-trpc-suspense-bug@b747bba
Reproduction repo
https://github.com/Crayon-ShinChan/t3-trpc-suspense-bug
To reproduce
DISCORD_CLIENT_ID
,DISCORD_CLIENT_SECRET
to .env filepnpm dev
Additional information
No response
The text was updated successfully, but these errors were encountered: