working, but requires ctx change

examples/auth/app/users/queries/getCurrentUser.ts

@@ -5,7 +5,7 @@ export default async function getCurrentUser(_ = null, ctx: {session?: SessionCo
   if (!ctx.session?.userId) return null
 
   const user = await db.user.findOne({
-    where: {id: ctx.session!.userId},
+    where: {id: ctx.session.userId},
     select: {id: true, name: true, email: true, role: true},
   })
 

examples/auth/app/users/queries/getUser.ts

@@ -10,11 +10,12 @@ type GetUserInput = {
 
 export default async function getUser(
   {where, select}: GetUserInput,
-  ctx: {session?: SessionContext} = {},
+  ctx: {session: SessionContext},
 ) {
-  ctx.session?.authorize(["admin", "user"])
+  ctx.session.authorize(["admin", "user"])
 
-  const user = await db.user.findOne({where, select})
+  const user = await db.user.findOne({where: {id: ctx.session.userId}})
+  // const user = await db.user.findOne({where, select})
 
   if (!user) throw new NotFoundError(`User with id ${where.id} does not exist`)
 

examples/auth/app/users/queries/getUsers.ts

@@ -15,7 +15,7 @@ export default async function getUsers(
   {where, orderBy, cursor, take, skip}: GetUsersInput,
   ctx: {session?: SessionContext} = {},
 ) {
-  ctx.session?.authorize(["admin"])
+  ctx.session!.authorize(["admin"])
 
   const users = await db.user.findMany({
     where,

examples/auth/types.ts

@@ -0,0 +1,8 @@
+import {DefaultAuthTypes} from "blitz"
+import {User} from "db"
+
+declare module "blitz" {
+  export interface AuthTypes extends DefaultAuthTypes {
+    userId: User["id"]
+  }
+}

packages/core/package.json

@@ -50,7 +50,8 @@
     "react-query": "2.5.11",
     "serialize-error": "6.0.0",
     "superjson": "1.2.1",
-    "url": "0.11.0"
+    "url": "0.11.0",
+    "utility-types": "3.10.0"
   },
   "gitHead": "d3b9fce0bdd251c2b1890793b0aa1cd77c1c0922"
 }

packages/core/src/supertokens.ts

@@ -2,6 +2,7 @@ import {useState} from "react"
 import BadBehavior from "bad-behavior"
 import {useIsomorphicLayoutEffect} from "./utils/hooks"
 import {queryCache} from "react-query"
+import {DeepNonNullable} from "utility-types"
 
 export const TOKEN_SEPARATOR = ";"
 export const HANDLE_SEPARATOR = ":"
@@ -27,14 +28,19 @@ function assert(condition: any, message: string): asserts condition {
   if (!condition) throw new Error(message)
 }
 
-export interface PublicData extends Record<any, any> {
+export interface DefaultAuthTypes {
   userId: any
+}
+export interface AuthTypes extends DefaultAuthTypes {}
+
+export interface PublicData extends Record<any, any> {
+  userId: AuthTypes["userId"] | null
   roles: string[]
 }
 
 export interface SessionModel extends Record<any, any> {
   handle: string
-  userId?: any
+  userId?: AuthTypes["userId"]
   expiresAt?: Date
   hashedSessionToken?: string
   antiCSRFToken?: string
@@ -47,31 +53,40 @@ export type SessionConfig = {
   method?: "essential" | "advanced"
   sameSite?: "none" | "lax" | "strict"
   getSession: (handle: string) => Promise<SessionModel | null>
-  getSessions: (userId: any) => Promise<SessionModel[]>
+  getSessions: (userId: AuthTypes["userId"]) => Promise<SessionModel[]>
   createSession: (session: SessionModel) => Promise<SessionModel>
   updateSession: (handle: string, session: Partial<SessionModel>) => Promise<SessionModel>
   deleteSession: (handle: string) => Promise<SessionModel>
   unstable_isAuthorized: (userRoles: string[], input?: any) => boolean
 }
 
-export interface SessionContext {
+export interface SessionContextBase {
   /**
    * null if anonymous
    */
-  userId: any
+  userId: unknown
   roles: string[]
   handle: string | null
   publicData: PublicData
-  authorize: (input?: any) => void
-  isAuthorized: (input?: any) => boolean
+  authorize(input?: any): asserts this is AuthenticatedSessionContext
+  isAuthorized(input?: any): boolean
   // authorize: (roleOrRoles?: string | string[]) => void
   // isAuthorized: (roleOrRoles?: string | string[]) => boolean
-  create: (publicData: PublicData, privateData?: Record<any, any>) => Promise<void>
-  revoke: () => Promise<void>
-  revokeAll: () => Promise<void>
-  getPrivateData: () => Promise<Record<any, any>>
-  setPrivateData: (data: Record<any, any>) => Promise<void>
-  setPublicData: (data: Record<any, any>) => Promise<void>
+  create(publicData: DeepNonNullable<PublicData>, privateData?: Record<any, any>): Promise<void>
+  revoke(): Promise<void>
+  revokeAll(): Promise<void>
+  getPrivateData(): Promise<Record<any, any>>
+  setPrivateData(data: Record<any, any>): Promise<void>
+  setPublicData(data: Record<any, any>): Promise<void>
+}
+
+export interface AuthenticatedSessionContext extends SessionContextBase {
+  userId: AuthTypes["userId"]
+}
+
+// Anonymous session context
+export interface SessionContext extends SessionContextBase {
+  userId: AuthTypes["userId"] | null
 }
 
 // Taken from https://github.com/HenrikJoreteg/cookie-getter

yarn.lock

@@ -18930,6 +18930,11 @@ utile@0.3.x:
     ncp "1.0.x"
     rimraf "2.x.x"
 
+utility-types@3.10.0:
+  version "3.10.0"
+  resolved "https://registry.yarnpkg.com/utility-types/-/utility-types-3.10.0.tgz#ea4148f9a741015f05ed74fd615e1d20e6bed82b"
+  integrity sha512-O11mqxmi7wMKCo6HKFt5AhO4BwY3VV68YU07tgxfz8zJTIxr4BpsezN49Ffwy9j3ZpwwJp4fkRwjRzq3uWE6Rg==
+
 utils-merge@1.0.1, utils-merge@1.x.x:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.1.tgz#9f95710f50a267947b2ccc124741c1028427e713"