Open luap2703 opened 1 week ago
Hi, apologies for the inconvience. It's not documented but we export the custom authenticateRequest
we use that converts Express's request to Web Request.
You can use it like this:
import { clerkClient, authenticateRequest } from '@clerk/express'
const serverCleanup = useServer(
{
schema,
context: async (ctx, message, args) => {
const state = await authenticateRequest({
clerkClient,
request: ctx.extra.request,
// optional
options: {
authorizedParties
}
})
const auth = state.toAuth()
// other code
},
},
wsServer,
)
Hi @wobsoriano ,
thanks for the response but as mentioned it's not typesafe (+ throws during runtime, at least when imported from the node sdk):
Hi @luap2703, thanks for replying quick. What's the runtime error you're experiencing?
For the meantime, a quick workaround is to use this internal function as a basis to convert IncomingMessage
to Request
.
const request = incomingMessageToRequest(ctx.extra.request)
const state = await clerkClient.authenticateRequest(request)
and you're right, the request
in the custom authenticateRequest
is an Express Request type
Preliminary Checks
[X] I have reviewed the documentation: https://clerk.com/docs
[X] I have searched for existing issues: https://github.com/clerk/javascript/issues
[X] I have not already reached out to Clerk support via email or Discord (if you have, no need to open an issue here)
[X] This issue is not a question, general help request, or anything other than a bug report directly related to Clerk. Please ask questions in our Discord community: https://clerk.com/discord.
Reproduction
n/a
Publishable key
pk_test_c21pbGluZy1tb2NjYXNpbi01NS5jbGVyay5hY2NvdW50cy5kZXYk
Description
When using clerk with Apollo Graphql's server and more precisely with the Websocket enhancement to support Subscriptions, you would normally pass the request object (handed through ctx.extra.request) to the authentication logic (the
middleware
or theauthenticateRequest
function) and then pass the authed user to the context.This is currently not possible with any of the helper functions since they all require the Request to be an express request. But Apollo injects the request as
Http.IncominMessage
, without a response (since there's no Http Response in WS connection).The only working solution we found so far is to go to the lowest available backend abstraction and verify the cookie ourselves which is quite complicated.
Expected behavior:
Allow the
ClerkExpressWithAuth
orauthenticateRequest
function to takeHttp.IncominMessage
objects. They do already all the necessary parameters to authenticate it.Actual behavior:
authenticateRequest and ClerkExpressWithAuth fail when trying to authenticate the IncomingMessage.
What we would like to be accomplish but what doesn't work:
What we have to do although all relevant props are written onto IncomingMessage:
Environment