New session cookie generated every time /session is called #1934
Comments
|
You have to use some kind of caching for the session. See the Provider docs If you use |
balazsorban44
added
question
|
Thanks for the reply but that probably doesn't answer the initial question: why a new session is created if the old one is not expired? |
|
When you don't cache the response, it means that every call of And the API does update the expiry time as seen here: https://github.com/nextauthjs/next-auth/blob/main/src/server/routes/session.js This is to keep your session alive. Happens in both cases when you use JWT or database sessions as well. |
|
Does someone have a sample code to cache the session ? I have not found any viable solution and |
Same issue, have you found any solution? |
Description 🐜
Everytime the application page is loaded a call to
/sessionis done. This sets a new cookie even if the old cookie is not expired. I'm wondering if this behaviour is wrong and no cookie should be set if one valid is already available. Same happens when the session is checked after the setup time intervalHow to reproduce ☕️
You can simply see this happening in the demo app
Screenshots / Logs 📽
The set-cookie always happens
Environment 🖥
Please run this command:
System:
OS: Linux 5.4 KDE neon 5.21
CPU: (8) x64 Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Memory: 666.77 MB / 15.51 GB
Container: Yes
Shell: 5.0.17 - /bin/bash
Binaries:
Node: 14.16.1 - /usr/bin/node
Yarn: 1.22.10 - ~/.npm-global/bin/yarn
npm: 6.14.12 - /usr/bin/npm
Browsers:
Brave Browser: 90.1.23.75
Chrome: 90.0.4430.93
Firefox: 88.0
npmPackages:
next-auth: ^3.15.5 => 3.15.9
Contributing 🙌🏽
It takes a lot of work 🏋🏻♀️ maintaining a library like
next-auth; any contribution is more than welcome 💚In case you're willing to help fix this bug, please let us know here, and we'll reach you 😊 . Otherwise, you can have a look at the issues labelled with
"good first issue"and pick any of them.The text was updated successfully, but these errors were encountered: