I guess one alternative would be to wrap server functions in a Higher order component which takes in a token. This would work elegantly if we had createContext support on the server but I think that's not the case. (also again no way to get cookies on the server)

In my experience this happens in 2 parts: - Middlewares in backend (works for both cookies and jwt) - Having something like an interceptor in front end for embedding the token information in the request headers(for jwt) But I really can't find anything related to Middlewares in the backend.

How would you make Auth work with RSCs? By passing tokens to the ViewModels? What about cookies? I couldn't find anything related to Middlewares in the docs