Make Convex Auth fast by not using middleware and not waiting for server to get user
I am using GitHub auth for my Next.js website through Convex. I want to achieve the following:
1. The user will stay authenticated for at least the next 30 days every time they interact with the app, for up to 1 year in total
2. I want to have some local state for if the user is signed out so that I can either show them the signed in page or show the profile picture with their name immediately when they enter my page.
3. I want to easily make some functions require auth and I want those functions to be really lightweight so that it does not need to make a separate call to the auth server every time I want to make a request.
Is it possible/easy to achieve something like this with Convex?
My assumptions:
1. You can set the following values:
2. I can use a jwt token
3. I can use jwt token
My main problems are that JWT does not really seem to be recommended in Auth.js 5 (https://authjs.dev/reference/nextjs/jwt) and I find it hard to understand if Convex Auth is a separate service or not. I am also finding it hard to understand how I would actually implement the code that achieves 2 and 3. How can I access the JWT state if that is a valid solution and if not: What is a good alternative?
Lastly, for 3, I want to make sure that if something changes on the server, such as a user role being updated, that should take priority over the jwt token always.

1 Reply
Server auth is still early in Convex Auth, and it’s actually cookie based. Refresh token is stored in a cookie and used to fetch tokens. Any authentication integration with Convex requires basic OIDC endpoints. Convex Auth implements those endpoints as Convex Actions, providing a way to generate and validate jwts. That’s the “separate service” bit. But it’s all in your Convex code, not a standalone service from Convex.
The unauth local state stuff you mentioned you can just implement yourself using local storage or something.
For the lightweight auth functions, I need to better understand what you’re trying to do. Anything requiring authentication needs to hit a server, and it’s quite fast for all purposes except the middleware checks you mentioned.
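
Added example (not from the thread and not Convex Auth code): one way to do the local-storage hint suggested in the reply for point 2, keeping it display-only so the server's answer always wins, as point 3 asks. The key name, the 30-day lifetime and every function name are assumptions made for this sketch.

```javascript
// UI-only "signed-in hint" cache. All names are hypothetical, not a Convex API.
const HINT_KEY = "authHint.v1";                  // assumed storage key
const HINT_TTL_MS = 30 * 24 * 60 * 60 * 1000;    // assumed: 30 days, as in the question

// In-memory stand-in so this runs outside a browser;
// in the browser, pass window.localStorage instead.
function memoryStorage() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => void m.set(k, String(v)),
    removeItem: (k) => void m.delete(k),
  };
}

// Store display data only: never tokens, roles, or anything used for access decisions.
function saveHint(storage, user, now = Date.now()) {
  const hint = { name: String(user.name).slice(0, 100), image: String(user.image), savedAt: now };
  storage.setItem(HINT_KEY, JSON.stringify(hint));
}

// Stored data is untrusted (any script on the origin can write it):
// parse defensively, check types, age, and that the image URL is https.
function loadHint(storage, now = Date.now()) {
  try {
    const h = JSON.parse(storage.getItem(HINT_KEY) ?? "null");
    const ok = h && typeof h.name === "string" && typeof h.image === "string" &&
      Number.isFinite(h.savedAt) && now - h.savedAt >= 0 && now - h.savedAt < HINT_TTL_MS &&
      new URL(h.image).protocol === "https:";
    if (ok) return { name: h.name, image: h.image };
  } catch { /* malformed JSON or URL: fall through and discard */ }
  storage.removeItem(HINT_KEY);
  return null;
}

// Call once the server has answered; its result always replaces the hint.
// serverUser is null when the server reports no valid session.
function reconcile(storage, serverUser, now = Date.now()) {
  if (serverUser === null) { storage.removeItem(HINT_KEY); return null; }
  saveHint(storage, serverUser, now);
  return loadHint(storage, now);
}
```

Render the hint immediately on page load, then call `reconcile` with whatever the authenticated server query returns; anything that needs authorization still goes through the server.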