feat: add tRPC auth context, middleware, and protected procedures

- Install jose (JWT) and bcryptjs (password hashing) dependencies - Create auth utilities: JWT sign/verify, password hash/verify, session management - Create createTRPCContext that extracts auth from session cookie, Bearer JWT, or x-api-key - Add publicProcedure, protectedProcedure, adminProcedure, rateLimitedProcedure with middleware - Wire context builder into SolidStart tRPC API handler - Update tRPC client to inject auth tokens and handle 401 redirects - Add unit tests for JWT, password, context builder, and middleware
2026-05-25 15:46:52 -04:00
parent 052e08c17b
commit 71972436b6
13 changed files with 385 additions and 17 deletions
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -52,9 +52,15 @@ importers:
      '@typeschema/valibot':
        specifier: ^0.13.4
        version: 0.13.5(valibot@0.29.0)
+      bcryptjs:
+        specifier: ^3.0.3
+        version: 3.0.3
      drizzle-orm:
        specifier: ^0.45.2
        version: 0.45.2(@types/pg@8.20.0)(pg@8.21.0)
+      jose:
+        specifier: ^5
+        version: 5.10.0
      pg:
        specifier: ^8.21.0
        version: 8.21.0
@@ -1716,6 +1722,10 @@ packages:
    engines: {node: '>=6.0.0'}
    hasBin: true

+  bcryptjs@3.0.3:
+    resolution: {integrity: sha512-GlF5wPWnSa/X5LKM1o0wz0suXIINz1iHRLvTS+sLyi7XPbe5ycmYI3DlZqVGZZtDgl4DmasFg7gOB3JYbphV5g==}
+    hasBin: true
+
  bidi-js@1.0.3:
    resolution: {integrity: sha512-RKshQI1R3YQ+n9YJz2QQ147P66ELpa1FQEg20Dk8oW9t2KgLbpDLLp9aGZ7y8WHSshDknG0bknqGw5/tyCs5tw==}

@@ -2425,6 +2435,9 @@ packages:
    resolution: {integrity: sha512-AC/7JofJvZGrrneWNaEnJeOLUx+JlGt7tNa0wZiRPT4MY1wmfKjt2+6O2p2uz2+skll8OZZmJMNqeke7kKbNgQ==}
    hasBin: true

+  jose@5.10.0:
+    resolution: {integrity: sha512-s+3Al/p9g32Iq+oqXxkW//7jk2Vig6FF1CFqzVXoTUXt2qz89YWbL+OwS17NFYEvxC35n0FKeGO2LGYSxeM2Gg==}
+
  js-tokens@10.0.0:
    resolution: {integrity: sha512-lM/UBzQmfJRo9ABXbPWemivdCW8V2G8FHaHdypQaIy523snUjog0W71ayWXTjiR+ixeMyVHN2XcpnTd/liPg/Q==}

@@ -4980,6 +4993,8 @@ snapshots:

  baseline-browser-mapping@2.10.32: {}

+  bcryptjs@3.0.3: {}
+
  bidi-js@1.0.3:
    dependencies:
      require-from-string: 2.0.2
@@ -5622,6 +5637,8 @@ snapshots:

  jiti@2.7.0: {}

+  jose@5.10.0: {}
+
  js-tokens@10.0.0: {}

  js-tokens@4.0.0: {}