bennettdev
bennettdev
Explore posts from servers
TTCTheo's Typesafe Cult
Created by bennettdev on 4/8/2023 in #questions
How to disable site/deployment/auth temporarily? (Vercel)
I would like to have a "killswitch" to teporarily disable my site on Vercel. This is just a safety measure if anything goes wrong. What would be the easiest way to do so? The only thing I found is the "Password protection", but it is not allowed for hobby projects. It would be fine for me to have a way to disable the whole deployment as well. Additionally, it would be nice to be able to disable sign in/sign up with NextAuth.js temporarily. Is there something easy one can do? The session callback does not allow return false or null, so even returning false from the signIn callback will still allow users with session to get authenticated.
5 replies
TTCTheo's Typesafe Cult
Created by bennettdev on 3/21/2023 in #questions
How do you initialize/seed your DB with/for static values? (e.g. post categories)
Imagine you'd need to put some static values in the DB, for example post categories. Each category gets a unique ID (string). These categories are not changed by any user, only be me, as the admin. Where and when would you put these static values into the database? I thought about three variants to create these post categories: #1) Put them into the database manually using whatever CLI/UI editor is available for the database. In my case this would be the Supabase table editor for a Postgres DB. Adding new categories or changing some will create havoc though, as all data related to the category has to be changed as well. So, not really an option. #2) Fill the data via Prisma seed. I guess the same problem remains: How to handle updates to the categories? #3) Create a Prisma migration where you execute hand-written SQL. Create your initial categories there. If you need to change one, create another migration. This has the benefit of being able to change related data that depends on the categories as well. Besides that, would you rather create the categories with random IDs or with a "fixed" string ID? Using fixed IDs could then also be done via enums (not in TypeScript, but the Prisma schema), so if you need a specific ID, you also get type-safe usage (in the app code via TypeScript). So, how do you handle static values in the DB? Maybe there's even a better way?
1 replies
TTCTheo's Typesafe Cult
Created by bennettdev on 2/18/2023 in #questions
Presigned URLs (S3 upload): file type verification, image transformation & cleanup/delete
When implementing S3 upload, a lot of examples I've found (and also Theo's recommendation afaik) are using presigned URLs. Maybe I'm missing something, but I have three questions about this: 1. Verify file type S3 allows to restrict the "content type", so e.g. only jpg or png. But it does not actually check the file itself, only the extension (as part of the file name). Users can upload .png files that are actually .txt files, just by renaming the file. You cannot check the MIME type without a server inbetween. How do you verify the file type? 2. Image transformation Don't you care about the image size? You can only reliably convert the size on the server, which obviously does not work with presigned URLs. I know you can restrict the image size via presigned URLs, but don't you want to decrease the file size (of e.g. a jpg) to save some costs of the storage? 3. Cleanup old images When a users "replaces" an image (imagine an avatar), you need to delete the old image as well. This can only be done reliably on the server as well if you want to make sure that "upload" and "delete" is done in one operation (the API request). I guess one could also model the storage path via a fixed ID, so you just overwrite the image in the storage, but it sometimes you need random file names, no? In general: Is really everyone using presigned URLs? If yes, how do you overcome the three mentioned topics?
5 replies
TTCTheo's Typesafe Cult
Created by bennettdev on 12/27/2022 in #questions
Custom field name or rename field in model for NextAuth.js (Prisma adapter)
Hey! I'm not a fan of fields named id, but rather like to have speaking names like userId or postId, which makes the code easier to read imo. I'm using the Prisma adapter and added all needed models to my schema. In the User model, I would like to use a field name userId instead of id. Is this possible?
19 replies
TTCTheo's Typesafe Cult
Created by bennettdev on 11/23/2022 in #questions
Prisma is in my client bundle and I don't know why
20 replies
TTCTheo's Typesafe Cult
Created by bennettdev on 11/17/2022 in #questions
Is putting the session into the context really a good idea? (overhead on each request)
I was just wondering about the default way of session handling. Looking at the docs, the session is put into the context:
// server/trpc/context.ts
import { getServerAuthSession } from "../common/get-server-auth-session";

export const createContext = async (opts: CreateNextContextOptions) => {
const { req, res } = opts;
const session = await getServerAuthSession({ req, res });
return await createContextInner({
session,
});
};
// server/trpc/context.ts
import { getServerAuthSession } from "../common/get-server-auth-session";

export const createContext = async (opts: CreateNextContextOptions) => {
const { req, res } = opts;
const session = await getServerAuthSession({ req, res });
return await createContextInner({
session,
});
};
This means that every request will evaluate the session based on the cookies. I understand the benefit of the DX, as with this setup you can easily always access it via context in a tRPC procedure. But the downside is obviously that the execution time of getting the session from cookies is added to every request. In a typical CRUD app, not so many requests really need authentication, but we still add this overhead to each request. Has someone measured how long this takes in a typical setup? How much "overhead" is really added to each request?
6 replies