feat: Configure next-auth & trpc (#3)

Author: kdy1

.gitignore

@@ -130,3 +130,4 @@ dist
 .pnp.*
 
 .turbo/
+.vercel

apps/webapp/drizzle.config.ts

@@ -0,0 +1,11 @@
+import "dotenv/config";
+import { defineConfig } from "drizzle-kit";
+
+export default defineConfig({
+  dialect: "postgresql",
+  schema: "./src/server/schema.ts",
+  out: "./drizzle",
+  dbCredentials: {
+    url: process.env.DATABASE_URL!,
+  },
+});

apps/webapp/package.json

@@ -3,15 +3,17 @@
   "version": "0.1.0",
   "private": true,
   "scripts": {
+    "db:push": "drizzle-kit push",
+    "db:studio": "drizzle-kit studio",
     "dev": "next dev -p 9000",
     "build": "next build",
     "start": "next start",
     "lint": "next lint"
   },
   "dependencies": {
     "@auth/drizzle-adapter": "^1.7.4",
+    "@tanstack/react-query": "^5.62.10",
     "@trpc/client": "11.0.0-rc.666",
-    "@trpc/next": "11.0.0-rc.666",
     "@trpc/react-query": "11.0.0-rc.666",
     "@trpc/server": "11.0.0-rc.666",
     "class-variance-authority": "^0.7.1",
@@ -32,6 +34,8 @@
     "@types/node": "^20",
     "@types/react": "^19",
     "@types/react-dom": "^19",
+    "dotenv": "^16.4.7",
+    "drizzle-kit": "^0.30.1",
     "eslint": "^9",
     "eslint-config-next": "15.1.1-canary.19",
     "postcss": "^8",

apps/webapp/src/app/layout.tsx

@@ -4,8 +4,7 @@ import "./globals.css";
 import { Inter } from "next/font/google";
 import { SessionProvider } from "next-auth/react";
 import { NoSSR } from "../components/util/no-ssr";
-
-const inter = Inter({ subsets: ["latin"] });
+import { TrpcProvider } from "./trpc-provider";
 
 // export const metadata = {
 //   title: "Dudy TPP",
@@ -21,7 +20,9 @@ export default function RootLayout({
     <html lang="en">
       <NoSSR>
         <SessionProvider>
-          <body className={inter.className}>{children}</body>
+          <TrpcProvider>
+            <body>{children}</body>
+          </TrpcProvider>
         </SessionProvider>
       </NoSSR>
     </html>

apps/webapp/src/app/trpc-provider.tsx

@@ -0,0 +1,43 @@
+import { QueryClient, QueryClientProvider } from "@tanstack/react-query";
+import { trpc } from "@/utils/trpc";
+import { httpBatchLink } from "@trpc/client";
+import { useState } from "react";
+
+export function TrpcProvider({ children }: { children: React.ReactNode }) {
+  const [queryClient] = useState(() => new QueryClient());
+  const [trpcClient] = useState(() =>
+    trpc.createClient({
+      links: [
+        httpBatchLink({
+          url: `${getBaseUrl()}/api/trpc`,
+          // You can pass any HTTP headers you wish here
+          async headers() {
+            return {
+              // authorization: getAuthCookie(),
+            };
+          },
+        }),
+      ],
+    }),
+  );
+
+  return (
+    <trpc.Provider client={trpcClient} queryClient={queryClient}>
+      <QueryClientProvider client={queryClient}>{children}</QueryClientProvider>
+    </trpc.Provider>
+  );
+}
+
+function getBaseUrl() {
+  if (typeof window !== "undefined")
+    // browser should use relative path
+    return "";
+  if (process.env.VERCEL_URL)
+    // reference for vercel.com
+    return `https://${process.env.VERCEL_URL}`;
+  if (process.env.RENDER_INTERNAL_HOSTNAME)
+    // reference for render.com
+    return `http://${process.env.RENDER_INTERNAL_HOSTNAME}:${process.env.PORT}`;
+  // assume localhost
+  return `http://localhost:${process.env.PORT ?? 3000}`;
+}

apps/webapp/src/lib/server/auth-options.ts

@@ -1,12 +1,16 @@
 import { DrizzleAdapter } from "@auth/drizzle-adapter";
 import { db } from "@/server/db";
-import EmailProvider from "next-auth/providers/email";
-import GithubProvider from "next-auth/providers/github";
 import { NextAuthOptions } from "next-auth";
+import GithubProvider from "next-auth/providers/github";
 
 export const authOptions: NextAuthOptions = {
   adapter: DrizzleAdapter(db),
-  providers: [EmailProvider({})],
+  providers: [
+    GithubProvider({
+      clientId: process.env.GITHUB_CLIENT_ID!,
+      clientSecret: process.env.GITHUB_CLIENT_SECRET!,
+    }),
+  ],
   callbacks: {
     session: ({ session, user }) => ({
       ...session,

apps/webapp/src/server/schema.ts

@@ -1,3 +1,4 @@
+import type { AdapterAccount } from "next-auth/adapters";
 import {
   pgTable,
   serial,
@@ -6,6 +7,8 @@ import {
   integer,
   uniqueIndex,
   pgEnum,
+  boolean,
+  primaryKey,
 } from "drizzle-orm/pg-core";
 
 export const approvalRequestStatusEnum = pgEnum("approval_request_status", [
@@ -14,16 +17,86 @@ export const approvalRequestStatusEnum = pgEnum("approval_request_status", [
   "rejected",
 ]);
 
-export const users = pgTable("users", {
-  id: serial("id").primaryKey(),
-  name: text("name").notNull(),
-  email: text("email").notNull().unique(),
-  createdAt: timestamp("created_at").defaultNow().notNull(),
+export const users = pgTable("user", {
+  id: text("id")
+    .primaryKey()
+    .$defaultFn(() => crypto.randomUUID()),
+  name: text("name"),
+  email: text("email").unique(),
+  emailVerified: timestamp("emailVerified", { mode: "date" }),
+  image: text("image"),
+});
+
+export const accounts = pgTable(
+  "account",
+  {
+    userId: text("userId")
+      .notNull()
+      .references(() => users.id, { onDelete: "cascade" }),
+    type: text("type").$type<AdapterAccount["type"]>().notNull(),
+    provider: text("provider").notNull(),
+    providerAccountId: text("providerAccountId").notNull(),
+    refresh_token: text("refresh_token"),
+    access_token: text("access_token"),
+    expires_at: integer("expires_at"),
+    token_type: text("token_type"),
+    scope: text("scope"),
+    id_token: text("id_token"),
+    session_state: text("session_state"),
+  },
+  (account) => ({
+    compoundKey: primaryKey({
+      columns: [account.provider, account.providerAccountId],
+    }),
+  }),
+);
+
+export const sessions = pgTable("session", {
+  sessionToken: text("sessionToken").primaryKey(),
+  userId: text("userId")
+    .notNull()
+    .references(() => users.id, { onDelete: "cascade" }),
+  expires: timestamp("expires", { mode: "date" }).notNull(),
 });
 
+export const verificationTokens = pgTable(
+  "verificationToken",
+  {
+    identifier: text("identifier").notNull(),
+    token: text("token").notNull(),
+    expires: timestamp("expires", { mode: "date" }).notNull(),
+  },
+  (verificationToken) => ({
+    compositePk: primaryKey({
+      columns: [verificationToken.identifier, verificationToken.token],
+    }),
+  }),
+);
+
+export const authenticators = pgTable(
+  "authenticator",
+  {
+    credentialID: text("credentialID").notNull().unique(),
+    userId: text("userId")
+      .notNull()
+      .references(() => users.id, { onDelete: "cascade" }),
+    providerAccountId: text("providerAccountId").notNull(),
+    credentialPublicKey: text("credentialPublicKey").notNull(),
+    counter: integer("counter").notNull(),
+    credentialDeviceType: text("credentialDeviceType").notNull(),
+    credentialBackedUp: boolean("credentialBackedUp").notNull(),
+    transports: text("transports"),
+  },
+  (authenticator) => ({
+    compositePK: primaryKey({
+      columns: [authenticator.userId, authenticator.credentialID],
+    }),
+  }),
+);
+
 export const devices = pgTable("devices", {
   id: serial("id").primaryKey(),
-  userId: integer("user_id")
+  userId: text("user_id")
     .references(() => users.id)
     .notNull(),
   name: text("name").notNull(),
@@ -46,7 +119,7 @@ export const packageMembers = pgTable(
     packageId: integer("package_id")
       .references(() => packages.id)
       .notNull(),
-    userId: integer("user_id")
+    userId: text("user_id")
       .references(() => users.id)
       .notNull(),
     createdAt: timestamp("created_at").defaultNow().notNull(),
@@ -77,7 +150,7 @@ export const approvalGroupMembers = pgTable(
     groupId: integer("group_id")
       .references(() => approvalGroups.id)
       .notNull(),
-    userId: integer("user_id")
+    userId: text("user_id")
       .references(() => users.id)
       .notNull(),
     createdAt: timestamp("created_at").defaultNow().notNull(),
@@ -109,7 +182,7 @@ export const approvals = pgTable(
     requestId: integer("request_id")
       .references(() => approvalRequests.id)
       .notNull(),
-    userId: integer("user_id")
+    userId: text("user_id")
       .references(() => users.id)
       .notNull(),
     createdAt: timestamp("created_at").defaultNow().notNull(),

apps/webapp/src/server/trpc.ts

@@ -25,7 +25,10 @@ export const protectedProcedure = t.procedure.use(async (opts) => {
   return opts.next({
     ctx: {
       ...ctx,
-      user: ctx.session.user,
+      user: {
+        ...ctx.session.user,
+        id: (ctx.session.user as any).id as string,
+      },
     },
   });
 });

apps/webapp/src/utils/trpc.ts

@@ -1,45 +1,6 @@
 "use client";
 
 import { AppRouter } from "@/server/router";
-import { createTRPCNext } from "@trpc/next";
-import { httpBatchLink } from "@trpc/client";
+import { createTRPCReact } from "@trpc/react-query";
 
-function getBaseUrl() {
-  if (typeof window !== "undefined")
-    // browser should use relative path
-    return "";
-  if (process.env.VERCEL_URL)
-    // reference for vercel.com
-    return `https://${process.env.VERCEL_URL}`;
-  if (process.env.RENDER_INTERNAL_HOSTNAME)
-    // reference for render.com
-    return `http://${process.env.RENDER_INTERNAL_HOSTNAME}:${process.env.PORT}`;
-  // assume localhost
-  return `http://localhost:${process.env.PORT ?? 3000}`;
-}
-
-export const trpc = createTRPCNext<AppRouter>({
-  config() {
-    return {
-      links: [
-        httpBatchLink({
-          /**
-           * If you want to use SSR, you need to use the server's full URL
-           * @see https://trpc.io/docs/v11/ssr
-           **/
-          url: `${getBaseUrl()}/api/trpc`,
-          // You can pass any HTTP headers you wish here
-          async headers() {
-            return {
-              // authorization: getAuthCookie(),
-            };
-          },
-        }),
-      ],
-    };
-  },
-  /**
-   * @see https://trpc.io/docs/v11/ssr
-   **/
-  ssr: false,
-});
+export const trpc = createTRPCReact<AppRouter>();