-
Notifications
You must be signed in to change notification settings - Fork 282
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(nextjs): Drop user
, session
, organization
from auth()
#1947
Conversation
🦋 Changeset detectedLatest commit: 1399570 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
a6bfe10
to
866a06d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🎉
866a06d
to
89f0185
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🔧 We should deprecate those return values in v4 before dropping them from auth()
in v5.
89f0185
to
1399570
Compare
@@ -18,6 +18,8 @@ import { getAuthKeyFromRequest, getCookie, getHeader, injectSSRStateIntoObject } | |||
|
|||
type GetAuthOpts = Partial<SecretKeyOrApiKey>; | |||
|
|||
type AuthObjectWithoutResources<T extends AuthObject> = Omit<T, 'user' | 'organization' | 'session'>; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note: we need to rethink how the backend types propagate, as I think we shouldn't resort to this low-level workarounds here. This PR is fine as we need a quick fix, but we should revisit in the future
This PR has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Description
In this PR we are dropping
user
,session
, andorganization
resouces from the returned value ofauth()
. They were never officially supported as the middleware didn't support types forloadUser
,loadSession
.Although by passing the types errors you could still load the resources. We consider bad practice to have extra 1-3 requests for each request that middleware captures so we should not allow developers to expect the resources returned from auth will be populated.
Checklist
npm test
runs as expected.npm run build
runs as expected.Type of change
Packages affected
@clerk/clerk-js
@clerk/clerk-react
@clerk/nextjs
@clerk/remix
@clerk/types
@clerk/themes
@clerk/localizations
@clerk/clerk-expo
@clerk/backend
@clerk/clerk-sdk-node
@clerk/shared
@clerk/fastify
@clerk/chrome-extension
gatsby-plugin-clerk
build/tooling/chore