Cole
Cole2mo ago

With nextJS is it a good/bad idea to

With nextJS is it a good/bad idea to move all of my api queries to convex actions?
11 Replies
erquhart
erquhart2mo ago
Can you say more about the api queries are they just to various external services
Cole
ColeOP2mo ago
Yeah I was thinking use convex actions to streamline all the logic Because it can technically act as a DAL right?
erquhart
erquhart2mo ago
Yep And yeah there's not typically a good reason to have additional backends when you have Convex, tends to complicate things in my experience
Cole
ColeOP2mo ago
What about security considerations? @erquhart I’m tempted to implement Diffie-Hellman for session verification of sorts
erquhart
erquhart2mo ago
cool cool lemme google "diffie hellman" quick and then i will give you my expert opinion lol Honestly it's down to specific things you're doing and the sensitivity of the data A lot of folks use a straight shared secret for server to server stuff, but if you need to or want to make it more secure, doesn't hurt But if you're hitting services you don't own, they typically have a blessed method of secure interaction anyway
Cole
ColeOP2mo ago
@erquhart Does better-auth convex adapter support the better-auth admin plugin? I am thinking yes as of version 0.7.9?
erquhart
erquhart2mo ago
Yep, it works in 0.7.x
Cole
ColeOP5w ago
@erquhart Got a question for ya, been trying to sort out checking authentication state properly with nextjs, it seems that sometimes user is undefined until i refresh the page, any ideas? 
export async function Layout({
  client,
  analyst,
  children,
}: {
  client: React.ReactNode;
  analyst: React.ReactNode;
  children: React.ReactNode;
}) {
  let currentUser = null;
  let isAdmin = false;

  try {
    const token = await getToken(createAuth);

    if (token) {
      currentUser = await fetchQuery(api.auth.getCurrentUser, {}, { token });

      if (currentUser?._id) {
        isAdmin = await fetchQuery(
          api.auth.hasRole,
          {
            userId: currentUser._id as Id<"users">,
            roleName: "superadmin",
          },
          {
            token,
          }
        );
      }
    }
  } catch (error) {
    console.error("Error fetching user data:", error);
    // Continue with unauthenticated state
  }

  // Determine if user is a client (non-admin authenticated user)
  const isClient = currentUser && !isAdmin;

  return ...
}
export async function Layout({
  client,
  analyst,
  children,
}: {
  client: React.ReactNode;
  analyst: React.ReactNode;
  children: React.ReactNode;
}) {
  let currentUser = null;
  let isAdmin = false;

  try {
    const token = await getToken(createAuth);

    if (token) {
      currentUser = await fetchQuery(api.auth.getCurrentUser, {}, { token });

      if (currentUser?._id) {
        isAdmin = await fetchQuery(
          api.auth.hasRole,
          {
            userId: currentUser._id as Id<"users">,
            roleName: "superadmin",
          },
          {
            token,
          }
        );
      }
    }
  } catch (error) {
    console.error("Error fetching user data:", error);
    // Continue with unauthenticated state
  }

  // Determine if user is a client (non-admin authenticated user)
  const isClient = currentUser && !isAdmin;

  return ...
}
erquhart
erquhart5w ago
This would generally happen if your token is missing or expired
Cole
ColeOP5w ago
@erquhart sorry for repeated questions, how can I manually create a user instead of just being from a signup flow with convex/better-aut
erquhart
erquhart5w ago
I think the admin plugin is the way to do that: https://www.better-auth.com/docs/plugins/admin#create-user

Did you find this page helpful?