Tanstack Start protected routes with Convex-Auth
Here’s a concise message you can post in Discord:
Hey all — I’m using TanStack Start with Convex + Convex Auth and I’m trying to:
Protect routes server-side (beforeLoad) and redirect unauthenticated users.
Run authenticated Convex queries from TanStack Start server loaders/createServerFn during SSR.
But the missing piece is: how to get a server-readable auth token/session from the TanStack Start request so I can call ctx.context.convexQueryClient.serverHttpClient?.setAuth(token) in beforeLoad. The Clerk guide shows this pattern with auth.getToken({ template: "convex" }), but I don’t see the Convex Auth equivalent for TanStack Start yet. Is there a recommended way to surface a Convex Auth token to the server (cookie/header) and wire it into beforeLoad so SSR loaders run authenticated?
Hey all — I’m using TanStack Start with Convex + Convex Auth and I’m trying to:
Protect routes server-side (beforeLoad) and redirect unauthenticated users.
Run authenticated Convex queries from TanStack Start server loaders/createServerFn during SSR.
But the missing piece is: how to get a server-readable auth token/session from the TanStack Start request so I can call ctx.context.convexQueryClient.serverHttpClient?.setAuth(token) in beforeLoad. The Clerk guide shows this pattern with auth.getToken({ template: "convex" }), but I don’t see the Convex Auth equivalent for TanStack Start yet. Is there a recommended way to surface a Convex Auth token to the server (cookie/header) and wire it into beforeLoad so SSR loaders run authenticated?
