tRPC v11 最佳实践：Next.js 与 TypeScript 端到端类型安全 API 开发指南

trpc by mindrally/skills

170 周安装量

55 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/mindrally/skills --skill trpc

Node.js TypeScript API

🇨🇳中文介绍

tRPC 最佳实践

您是 tRPC v11、TypeScript 和 Next.js 开发领域的专家。tRPC 实现了端到端的类型安全 API，使您能够无需模式、代码生成或运行时错误即可构建和使用 API。

要求

TypeScript >= 5.7.2
启用 TypeScript 严格模式

项目结构

src/
  pages/
    _app.tsx              # createTRPCNext 设置
    api/
      trpc/
        [trpc].ts         # tRPC HTTP 处理器
  server/
    routers/
      _app.ts             # 主路由器
      [feature].ts        # 特定功能路由器
    context.ts            # 应用上下文
    trpc.ts               # 过程辅助函数
  utils/
    trpc.ts               # 类型安全的 React 钩子

服务端设置

初始化 tRPC 后端

每个应用初始化一次 tRPC 后端。导出可复用的路由器和过程辅助函数：

// server/trpc.ts
import { initTRPC } from '@trpc/server';
import superjson from 'superjson';

const t = initTRPC.context<Context>().create({
  transformer: superjson,
});

export const router = t.router;
export const publicProcedure = t.procedure;
export const protectedProcedure = t.procedure.use(isAuthed);
export const adminProcedure = t.procedure.use(isAdmin);

创建功能路由器

按功能/领域组织路由器。使用 Zod 进行输入验证：

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

配置 tRPC 客户端

// utils/trpc.ts
import { httpBatchLink } from '@trpc/client';
import { createTRPCNext } from '@trpc/next';
import superjson from 'superjson';
import type { AppRouter } from '../server/routers/_app';

function getBaseUrl() {
  if (typeof window !== 'undefined') return '';
  if (process.env.VERCEL_URL) return `https://${process.env.VERCEL_URL}`;
  return `http://localhost:${process.env.PORT ?? 3000}`;
}

export const trpc = createTRPCNext<AppRouter>({
  config() {
    return {
      transformer: superjson,
      links: [
        httpBatchLink({
          url: `${getBaseUrl()}/api/trpc`,
          maxURLLength: 2083,
        }),
      ],
    };
  },
  ssr: false,
});

始终使用 Zod 对所有过程输入进行类型安全和运行时验证：

.input(z.object({
  email: z.string().email(),
  age: z.number().min(0).max(120),
}))

按功能/领域而非单一整体路由器来构建路由器结构。每个功能应有其自己的路由器文件。

为身份验证、日志记录和横切关注点实现中间件：

const isAuthed = t.middleware(({ ctx, next }) => {
  if (!ctx.user) {
    throw new TRPCError({ code: 'UNAUTHORIZED' });
  }
  return next({ ctx: { user: ctx.user } });
});

使用 TRPCError 提供一致且信息丰富的错误响应：

import { TRPCError } from '@trpc/server';

throw new TRPCError({
  code: 'NOT_FOUND',
  message: 'User not found',
});

应用 SuperJSON 以自动序列化日期、Map、Set 和其他 JavaScript 类型：

import superjson from 'superjson';

const t = initTRPC.create({
  transformer: superjson,
});

6. React Query 集成

利用 tRPC 内置的 React Query 工具进行数据获取、变更和缓存：

// 查询
const { data, isLoading } = trpc.user.getById.useQuery({ id: '123' });

// 变更
const mutation = trpc.user.update.useMutation({
  onSuccess: () => {
    utils.user.getById.invalidate();
  },
});

// 预取
await utils.user.getById.prefetch({ id: '123' });

通过上下文在过程之间共享资源（数据库连接、用户会话）：

// server/context.ts
export async function createContext({ req, res }: CreateNextContextOptions) {
  const user = await getUser(req);
  return {
    db: prisma,
    user,
    req,
    res,
  };
}

export type Context = Awaited<ReturnType<typeof createContext>>;

仅向客户端代码导出类型签名，切勿导出路由器实现：

// 仅导出类型
export type AppRouter = typeof appRouter;

// 切勿将实际路由器导出到客户端代码

为不同的授权级别创建不同的过程类型：

export const publicProcedure = t.procedure;
export const protectedProcedure = t.procedure.use(isAuthed);
export const adminProcedure = t.procedure.use(isAuthed).use(isAdmin);

使用 httpBatchLink 启用请求批处理
配置 maxURLLength 以防止 URL 长度问题
为静态/可预测数据实现预取
使用 React Query 的缓存策略

应避免的反模式

不要使用 any 类型 - 充分利用 tRPC 的完整类型推断
不要跳过输入验证
不要向客户端暴露内部错误
不要混合服务器和客户端代码
不要创建过大的路由器 - 按功能拆分

🇺🇸English

tRPC Best Practices

You are an expert in tRPC v11, TypeScript, and Next.js development. tRPC enables end-to-end typesafe APIs, allowing you to build and consume APIs without schemas, code generation, or runtime errors.

Requirements

TypeScript >= 5.7.2
Strict TypeScript mode enabled

Project Structure

src/
  pages/
    _app.tsx              # createTRPCNext setup
    api/
      trpc/
        [trpc].ts         # tRPC HTTP handler
  server/
    routers/
      _app.ts             # Main router
      [feature].ts        # Feature-specific routers
    context.ts            # App context
    trpc.ts               # Procedure helpers
  utils/
    trpc.ts               # Typesafe React hooks

Server-Side Setup

Initialize tRPC Backend

Initialize tRPC backend once per application. Export reusable router and procedure helpers:

// server/trpc.ts
import { initTRPC } from '@trpc/server';
import superjson from 'superjson';

const t = initTRPC.context<Context>().create({
  transformer: superjson,
});

export const router = t.router;
export const publicProcedure = t.procedure;
export const protectedProcedure = t.procedure.use(isAuthed);
export const adminProcedure = t.procedure.use(isAdmin);

Create Feature Routers

Organize routers by feature/domain. Use Zod for input validation:

// server/routers/user.ts
import { z } from 'zod';
import { router, publicProcedure, protectedProcedure } from '../trpc';

export const userRouter = router({
  getById: publicProcedure
    .input(z.object({ id: z.string() }))
    .query(async ({ input, ctx }) => {
      return ctx.db.user.findUnique({ where: { id: input.id } });
    }),

  update: protectedProcedure
    .input(z.object({
      name: z.string().min(1),
      email: z.string().email(),
    }))
    .mutation(async ({ input, ctx }) => {
      return ctx.db.user.update({
        where: { id: ctx.user.id },
        data: input,
      });
    }),
});

Main App Router

// server/routers/_app.ts
import { router } from '../trpc';
import { userRouter } from './user';
import { postRouter } from './post';

export const appRouter = router({
  user: userRouter,
  post: postRouter,
});

export type AppRouter = typeof appRouter;

Client-Side Setup

Configure tRPC Client

// utils/trpc.ts
import { httpBatchLink } from '@trpc/client';
import { createTRPCNext } from '@trpc/next';
import superjson from 'superjson';
import type { AppRouter } from '../server/routers/_app';

function getBaseUrl() {
  if (typeof window !== 'undefined') return '';
  if (process.env.VERCEL_URL) return `https://${process.env.VERCEL_URL}`;
  return `http://localhost:${process.env.PORT ?? 3000}`;
}

export const trpc = createTRPCNext<AppRouter>({
  config() {
    return {
      transformer: superjson,
      links: [
        httpBatchLink({
          url: `${getBaseUrl()}/api/trpc`,
          maxURLLength: 2083,
        }),
      ],
    };
  },
  ssr: false,
});

Key Best Practices

1. Input Validation

Always use Zod for type safety and runtime validation on all procedure inputs:

.input(z.object({
  email: z.string().email(),
  age: z.number().min(0).max(120),
}))

2. Router Organization

Structure routers by feature/domain rather than one monolithic router. Each feature should have its own router file.

3. Middleware Implementation

Implement middleware for authentication, logging, and cross-cutting concerns:

const isAuthed = t.middleware(({ ctx, next }) => {
  if (!ctx.user) {
    throw new TRPCError({ code: 'UNAUTHORIZED' });
  }
  return next({ ctx: { user: ctx.user } });
});

4. Error Handling

Use TRPCError for consistent, informative error responses:

import { TRPCError } from '@trpc/server';

throw new TRPCError({
  code: 'NOT_FOUND',
  message: 'User not found',
});

5. Data Transformers

Apply SuperJSON for automatic serialization of dates, Maps, Sets, and other JavaScript types:

import superjson from 'superjson';

const t = initTRPC.create({
  transformer: superjson,
});

6. React Query Integration

Leverage tRPC's built-in React Query utilities for data fetching, mutations, and caching:

// Queries
const { data, isLoading } = trpc.user.getById.useQuery({ id: '123' });

// Mutations
const mutation = trpc.user.update.useMutation({
  onSuccess: () => {
    utils.user.getById.invalidate();
  },
});

// Prefetching
await utils.user.getById.prefetch({ id: '123' });

7. Context Creation

Share resources (database connections, user sessions) across procedures via context:

// server/context.ts
export async function createContext({ req, res }: CreateNextContextOptions) {
  const user = await getUser(req);
  return {
    db: prisma,
    user,
    req,
    res,
  };
}

export type Context = Awaited<ReturnType<typeof createContext>>;

8. Type Exports

Export only type signatures to client code, never router implementations:

// Only export the type
export type AppRouter = typeof appRouter;

// Never export the actual router to client code

9. Authorization Levels

Create distinct procedure types for different authorization levels:

export const publicProcedure = t.procedure;
export const protectedProcedure = t.procedure.use(isAuthed);
export const adminProcedure = t.procedure.use(isAuthed).use(isAdmin);

10. Performance Optimization

Enable request batching with httpBatchLink
Configure maxURLLength to prevent URL length issues
Implement prefetching for static/predictable data
Use React Query's caching strategies

Anti-Patterns to Avoid

Do not use any types - leverage tRPC's full type inference
Do not skip input validation
Do not expose internal errors to clients
Do not mix server and client code
Do not create overly large routers - split by feature

Weekly Installs

129

Repository

mindrally/skills

GitHub Stars

First Seen

Jan 25, 2026

Security Audits

Gen Agent Trust HubPass SocketPass SnykPass

Installed on

gemini-cli110

opencode109

codex106

github-copilot103

cursor100

amp97

lark-cli 共享规则：飞书资源操作指南与权限配置详解

39,000 周安装

tRPC v11 最佳实践：Next.js 与 TypeScript 端到端类型安全 API 开发指南

🇨🇳中文介绍

tRPC 最佳实践

要求

项目结构

服务端设置

初始化 tRPC 后端

创建功能路由器

相关 Skills

主应用路由器

客户端设置

配置 tRPC 客户端

关键最佳实践

1. 输入验证

2. 路由器组织

3. 中间件实现

4. 错误处理

5. 数据转换器