()
| 5 | * Creates a tRPC router that asserts all queries and mutations are from an authorized user. Will throw an unauthorized error if a user is not signed in. |
| 6 | */ |
| 7 | export function createProtectedRouter() { |
| 8 | return createRouter().middleware(({ ctx, next }) => { |
| 9 | if (!ctx.session || !ctx.session.user) { |
| 10 | throw new trpc.TRPCError({ code: "UNAUTHORIZED" }); |
| 11 | } |
| 12 | return next({ |
| 13 | ctx: { |
| 14 | ...ctx, |
| 15 | // infers that `session` is non-nullable to downstream resolvers |
| 16 | session: { ...ctx.session, user: ctx.session.user }, |
| 17 | }, |
| 18 | }); |
| 19 | }); |
| 20 | } |
no test coverage detected