Merge pull request #2664 from neondatabase/bgrenon-fix-authorize-afte…

…r-snippet

Fix reverted snippet in About Neon Authorize

content/docs/guides/neon-authorize-tutorial.md

@@ -88,15 +88,18 @@ Let's take a look at the `getTodos` function in the `actions.tsx` file:
 
 ```typescript shouldWrap
 export async function getTodos(): Promise<Array<Todo>> {
-  return fetchWithDrizzle(async (db, { userId }) => {
-    // WHERE filter is optional because of RLS. But we send it anyway for
-    // performance reasons.
-    return db
-      .select()
-      .from(schema.todos)
-      .where(eq(schema.todos.userId, sql`auth.user_id()`)) // [!code highlight]
-      .orderBy(asc(schema.todos.insertedAt));
-  });
+  const { getToken } = auth();
+  const authToken = await getToken();
+  const db = drizzle(process.env.DATABASE_AUTHENTICATED_URL!, { schema });
+
+  // WHERE filter is optional because of RLS. But we send it anyway for
+  // performance reasons.
+  return db
+    .$withAuth(authToken)
+    .select()
+    .from(schema.todos)
+    .where(eq(schema.todos.userId, sql`auth.user_id()`))
+    .orderBy(asc(schema.todos.insertedAt));
 }
 ```
 
@@ -164,15 +167,18 @@ Another scenario, imagine a team member writes the `getTodos` function like this
 
 ```typescript shouldWrap
 export async function getTodos(): Promise<Array<Todo>> {
-  return fetchWithDrizzle(async (db) => {
-    const todos = await db
-      .select()
-      .from(schema.todos)
-      .where(eq(schema.todos.userId, schema.todos.userId)) // Woops // [!code highlight]
-      .orderBy(asc(schema.todos.insertedAt));
-
-    return todos;
-  });
+  const { getToken } = auth();
+  const authToken = await getToken();
+  const db = drizzle(process.env.DATABASE_AUTHENTICATED_URL!, { schema });
+
+  const todos = await db
+    .$withAuth(authToken)
+    .select()
+    .from(schema.todos)
+    .where(eq(schema.todos.userId, schema.todos.userId)) // Woops // [!code highlight]
+    .orderBy(asc(schema.todos.insertedAt));
+
+  return todos;
 }
 ```
 
@@ -196,15 +202,17 @@ Order is restored, thanks to RLS. Now go fix your app before you forget:
 
 ```typescript shouldWrap
 export async function getTodos(): Promise<Array<Todo>> {
-  return fetchWithDrizzle(async (db, { userId }) => {
-    // WHERE filter is optional because of RLS. But we send it anyway for
-    // performance reasons.
-    return db
-      .select()
-      .from(schema.todos)
-      .where(eq(schema.todos.userId, sql`auth.user_id()`))
-      .orderBy(asc(schema.todos.insertedAt));
-  });
+  const { getToken } = auth();
+  const authToken = await getToken();
+  const db = drizzle(process.env.DATABASE_AUTHENTICATED_URL!, { schema });
+  // WHERE filter is optional because of RLS. But we send it anyway for
+  // performance reasons.
+  return db
+    .$withAuth(authToken)
+    .select()
+    .from(schema.todos)
+    .where(eq(schema.todos.userId, sql`auth.user_id()`))
+    .orderBy(asc(schema.todos.insertedAt));
 }
 ```
 

content/docs/guides/neon-authorize.md

@@ -124,18 +124,15 @@ CREATE POLICY "create todos" ON "todos"
 Now, in your backend, you can simplify the logic, removing the user authentication checks and explicit authorization handling.
 
 ```typescript shouldWrap
-export async function insertTodo(newTodo: { newTodo: string }) {
+export async function insertTodo({ newTodo }: { newTodo: string }) {
   const { getToken } = auth();
   const authToken = await getToken();
+  const db = drizzle(process.env.DATABASE_AUTHENTICATED_URL!, { schema });
 
-  await fetchWithDrizzle(async (db) => {
-    return db.insert(schema.todos).values({
-      task: newTodo.newTodo,
-      isComplete: false,
-    });
+  return db.$withAuth(authToken).insert(schema.todos).values({
+    task: newTodo,
+    isComplete: false,
   });
-
-  revalidatePath('/');
 }
 ```