Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: useSuspenseQuery will get "UNAUTHORIZED" tRPC error #1765

Open
Crayon-ShinChan opened this issue Feb 20, 2024 · 2 comments
Open

bug: useSuspenseQuery will get "UNAUTHORIZED" tRPC error #1765

Crayon-ShinChan opened this issue Feb 20, 2024 · 2 comments
Labels
🐞 upstream bug Blocked by a bug upstream

Comments

@Crayon-ShinChan
Copy link

Crayon-ShinChan commented Feb 20, 2024
edited

Provide environment information

System:
OS: macOS 14.2.1
CPU: (8) arm64 Apple M1 Pro
Memory: 196.13 MB / 16.00 GB
Shell: 5.9 - /bin/zsh
Binaries:
Node: 20.9.0 - ~/.nvm/versions/node/v20.9.0/bin/node
Yarn: 1.22.21 - ~/.nvm/versions/node/v20.9.0/bin/yarn
npm: 10.1.0 - ~/.nvm/versions/node/v20.9.0/bin/npm
pnpm: 8.14.0 - ~/Library/pnpm/pnpm

Describe the bug

If we have a protected api like:

  hello: protectedProcedure
    .input(z.object({ text: z.string() }))
    .query(async ({ input }) => {
      // wait for 1 second
      await new Promise((resolve) => setTimeout(resolve, 1000));

      return {
        greeting: `Hello ${input.text}`,
      };
    }),

Then we use useSuspenseQuery

"use client";

import { api } from "@/trpc/react";
import { Suspense } from "react";

export default function TestSuspense() {
 return (
   <div>
     <h1>Test Suspense</h1>
     <Suspense fallback={<div>Loading...</div>}>
       <SayHi />
     </Suspense>
   </div>
 );
}

function SayHi() {
 const [greet, getGreet] = api.post.hello.useSuspenseQuery({
   text: "Suspense user",
 });

 return <div>{greet.greeting}</div>;
}

We will get the error UNAUTHORIZED from

export const protectedProcedure = t.procedure.use(({ ctx, next }) => {
  if (!ctx.session || !ctx.session.user) {
    throw new TRPCError({ code: "UNAUTHORIZED" });
  }
  return next({
    ctx: {
      // infers the `session` as non-nullable
      session: { ...ctx.session, user: ctx.session.user },
    },
  });
});
CleanShot.2024-02-19.at.17.54.35.mp4

You can check the detail of my code in this commit: Crayon-ShinChan/t3-trpc-suspense-bug@b747bba

Reproduction repo

https://github.com/Crayon-ShinChan/t3-trpc-suspense-bug

To reproduce

  1. clone the repo
  2. Go to Discord Portal to create an oauth app for this repo and copy paste the DISCORD_CLIENT_ID,DISCORD_CLIENT_SECRET to .env file
  3. pnpm dev

Additional information

No response
@juliusmarminge
Copy link
Member

juliusmarminge commented Feb 20, 2024
edited

Yup this is a limitation in Next since they don't provide any primitive to access headers from a client component during the SSR prepass phase, so queries made on the server wont be authed...

You can fix this by prefetching the data in an RSC and hydrating the query client or pass the initial data as props.

Unfortunately not much we can do here, there is a community package https://github.com/moshest/next-client-cookies that "hacks" around it although I've never tried it

@juliusmarminge juliusmarminge added 🐞 upstream bug Blocked by a bug upstream and removed 🐞❔ unconfirmed bug labels Feb 20, 2024
@mattiaseyram
Copy link

Any update or ways around this? Would be great to use useSuspenseQuery

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🐞 upstream bug Blocked by a bug upstream
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mattiaseyram @Crayon-ShinChan @juliusmarminge