trevor•15mo ago

How to interact with Convex from an external Lambda / Serverless?

I have been really enjoying Convex, nice work team. I think the part about Convex that has proven very confusing though is when I want to interact with Convex from a regular Lambda / Serverless function. I imagine the way to do that is like so:

const convex = new ConvexHttpClient(process.env.NEXT_PUBLIC_CONVEX_URL ?? "");
const test = await convex.query(api.users.getById, {
  id: "123456",
});

const convex = new ConvexHttpClient(process.env.NEXT_PUBLIC_CONVEX_URL ?? "");
const test = await convex.query(api.users.getById, {
  id: "123456",
});

This actually worked great for me. But now I have the case of needing to run some simple mutations and I want to verify that the user I'm mutating is the same as the logged-in user. So, on the client side, I will call

const token = await getToken()

const token = await getToken()

And pass that auth token up to the serverless function with the request. I imagined it was as simple as this and then recalling the function:

convex.setAuth(token);

convex.setAuth(token);

But it fails with this error:

 ⨯ node_modules/convex/dist/esm/browser/http_client.js (106:12) @ ConvexHttpClient.query
 ⨯ Error: {"code":"NoAuthProvider","message":"No auth provider found matching the given token"}
    at async runBackendUtility (./src/app/backend/utility.ts:51:18)

 ⨯ node_modules/convex/dist/esm/browser/http_client.js (106:12) @ ConvexHttpClient.query
 ⨯ Error: {"code":"NoAuthProvider","message":"No auth provider found matching the given token"}
    at async runBackendUtility (./src/app/backend/utility.ts:51:18)

I know that the whole app is otherwise working very well with client-side authentication and mutations correctly accessing the logged-in user. The setup with Clerk has otherwise been very unproblematic and easy to follow. I've been stuck on this for the better part of the day. Can't seem to go any further. Thanks for any help you can provide.

4 Replies

ballingt•15mo ago

Could you take a look at getToken, does it take a template option? (is it this one? https://clerk.com/docs/references/backend/sessions/get-token)

ballingt•15mo ago

try adding template: "convex" to this to make it match the way a token is requested in the convex auth code that it sounds like is working for you: https://github.com/get-convex/convex-js/blob/32ff1dc1190e35223bda44c41f51a237960da3e0/src/react-clerk/ConvexProviderWithClerk.tsx#L63

GitHub

convex-js/src/react-clerk/ConvexProviderWithClerk.tsx at 32ff1dc119...

TypeScript/JavaScript client library for Convex. Contribute to get-convex/convex-js development by creating an account on GitHub.

trevorOP•15mo ago

Wow. Your suggestion worked immediately. Major kudos and appreciation to you. It was the same getToken function you found in the Clerk docs as you thought. @ballingt now that I played around with this some more, I was able to get it working without necessarily passing the token from the frontend to the backend.

const convex = new ConvexHttpClient(process.env.NEXT_PUBLIC_CONVEX_URL ?? "");
const clerkSessionCookie = cookies().get("__session")?.value ?? "";
const sessionJwt = decodeJwt(clerkSessionCookie);
const sessionID = sessionJwt.payload.sid;
const token = await clerkClient.sessions.getToken(sessionID, "convex");
convex.setAuth(token);
await convex.query(api.users.currentUser);

const convex = new ConvexHttpClient(process.env.NEXT_PUBLIC_CONVEX_URL ?? "");
const clerkSessionCookie = cookies().get("__session")?.value ?? "";
const sessionJwt = decodeJwt(clerkSessionCookie);
const sessionID = sessionJwt.payload.sid;
const token = await clerkClient.sessions.getToken(sessionID, "convex");
convex.setAuth(token);
await convex.query(api.users.currentUser);

Does feel a bit roundabout, so just want to make sure this is what you'd recommend as well. Cheers and also thank you again for the quick and insightful reply, I really did appreciate that.

ballingt•15mo ago

That's slick. It's not clear to me if this is guaranteed to keep working since I don't see the cookie contents documented by Clerk but changing it seems like it would break a lot of things so this seems safe. I think Clerk middleware might do some of this for you. But this sounds good to me.

How to interact with Convex from an external Lambda / Serverless?

Did you find this page helpful?