Get `auth` session when API endpoint is called from a server component
The session is undefined when the route is called from the server component, but I get the value when I call it from the client component
41 Replies
sounds like something to do w how (next.js?) handles cookies in server components
but could also have to do w middleware order ig
can you share more info about your setup?
Sure, I am using Next.js, auth.js for auth
And Hono for my backend
I don't have any middleware setup as of now
Although I also tried using
middleware.ts
file
But still the result is sameThe session is undefined when the route is called from the server component, but I get the value when I call it from the client componentwell, when the call is made from the browser, it 100% has access to whatever cookies are on the browser and if a request is made from a server component during ssr, you'd expect the cookie to be set if there is one
Makes sense, I am trying to prefetch the data for the client to use,
But since the cookie is not available it fails and the client has to fetch the actual data.
Is there a way to tell if the request if coming from client or server component, that way I could skip the auth check incase of server component and add that to the server component itself, since I am getting the session data there
Here's what I mean
what does
auth
look like?ah, i see
is this the same
auth
, because i wouldn't expect that to work
Yeah it is same
auth
, and it works for the client components,
Even on using the verifyAuth
middleware from @hono/auth-js
I was getting the same behaviorhuh
some nextjs magic ig
Why is that I get the session on server component,
const session = await auth()
But not on the Hono route?sorry, i'm confused
- you've got a server-rendered page
Posts
, that's trying to prefetch some data by hitting a hono endpoint
- and some client components *on the Posts
page that are then trying to fetch the same data from the same hono endpoint
right?Yeah
And I have a stale time of 10 mins, so if the server has done the fetching, client can just use it
- and the prefetch on
Posts
is working
- but the fetches from the client components aren'tNo prefetch is only working if I remove the session check logic.
Fetches from the client components works regardless
But client won't fetch if there's fresh data in the cache
So if prefetch from the server works, (which is not since I'm not able to get the session info)
Clients can just use that data leading to faster page loads
but you're saying that you get the session when SSRing
Posts
, but not on the hono route (when making fetches)?Yeah I do get that in the server component, but when making the prefetch request to the hono route, It is not available then
The session check in the server component to validate if the page should render or not.
But the session check for the api is for when someone hits the backend endpoint from say postman, (It is here where it is not workgin)
I get the session here
But not here
how is the hono app getting served? are you using next actions?
also, what's going on here?
No I have a catch all api route
hows that getting served then?
This is telling next-auth to extend the session to include the user id as well, by default it doesn't
https://authjs.dev/guides/extending-the-session
Auth.js | Extending The Session
Authentication for the Web
Next.js has api routes that runs on the same port, I am hijacking, that to use hono instead
Followed this: https://hono.dev/docs/getting-started/vercel
Vercel - Hono
Web framework built on Web Standards for Cloudflare Workers, Fastly Compute, Deno, Bun, Vercel, Node.js, and others. Fast, but not only fast.
gotcha
have you tried something like this?
ig you're saying that the backend is getting the session when it's been set on client-side requests
Just tried it, but still the same
so the cookie is available on the request when it hits
Posts
, but maybe isn't getting attached to the prefetch request?Yeah
one thing to call out is that you don't really need to be fetching at all
unless you've got specific project requirements
Yeah it is just an optimization, for better UX.
I'll keep looking for solutions though, I'll update here if something works
i mean you don't need to hit another backend
you're already on the server, loading the page. instead of hitting another backend endpoint for the data, just call the same logic that the endpoint calls directly
Yeah, I would have, but the for the react query cache to used, by the client,
We need to call the same queryFn and with same queryKey at both the places.
There is a way to fetch the data directly and pass the result to the client component cache as initial data,
But that only works for statically rendered pages
gotcha, interesting
i'm surprised the queryFn needs to be the same. that's a shame
what's your fetch function look like?
oh. hold up
for science, can you log in your hono app
just thinking through how the cookies are get/set/passed around
i don't really know how next manages requests contexts
are you injecting the next.js
fetch
?It is a really long trail of logs
thats ok
but we're really just looking for the cookies, ig
hmm, we do have the cookies there
authjs.session-token=7454b460-84ba-40fb-b42e-773e7ec14b71; authjs.csrf-token=3955a742945c7d4e5eba846e96d95ed7621e1b31bde38156591bf59d29e73888%7C7c07efc9cd83ae19ede691973019d08973f2b0ab079c68f0a2e53712db45445c; authjs.callback-url=http%3A%2F%2Flocalhost%3A3000%2Fposts
But for the first call which was from the server component, it is
null
interesting
seems like you might need to manually forward headers: https://nextjs.org/docs/app/api-reference/functions/headers#using-the-authorization-header
Ohk, let me try
i wonder if the authjs csrf is playing a role
this might be relevant: https://github.com/nextauthjs/next-auth/discussions/7256
@ambergristle got it,
Sorry for the misconception,
queryFn
can be different.
This does the trick
I am directly querying the db
Thank you so much for your time and efforts, really appreciate it 🤗legoooooooo
happy to help!