The way tRPC handles auth right now is a bit strange. We call a permProcedure and then in the mutation/query, we call permissions.controlPerms.or(["...PERM..."], ctx);. This is kind of funky and can be cleaned up into better ways.
Dhruv and I were discussing changing this to a middleware. This would allow us to do something similar to
permProcedure
.use(permsMiddleware("OR", ["SOME_PERM", "SOME_OTHER_PERM"]))
.input(/* ts don't matter */)
.mutation(/* ts don't matter either */)The naming can obviously be changed but this is a better pattern to stick to. Since we are using side effect functions rather than a middleware right now. This refactor wouldn't be too complex, but it would touch a large majority of our API. Opening this issue so we can discuss this in the future.
The way tRPC handles auth right now is a bit strange. We call a
permProcedureand then in the mutation/query, we callpermissions.controlPerms.or(["...PERM..."], ctx);. This is kind of funky and can be cleaned up into better ways.Dhruv and I were discussing changing this to a middleware. This would allow us to do something similar to
The naming can obviously be changed but this is a better pattern to stick to. Since we are using side effect functions rather than a middleware right now. This refactor wouldn't be too complex, but it would touch a large majority of our API. Opening this issue so we can discuss this in the future.