OHCRN / platform

Monorepo for the OHCRN Consent Platform, Coordinator Dashboard, and Data Portal.
GNU Affero General Public License v3.0

Store user token info in Next-Auth db/in memory storage #502

Open anncatton opened 3 months ago

anncatton commented 3 months ago

The Next-Auth session stores its data in cookies, so adding the necessary tokens for our authentication flow to the session object creates very large cookie headers (9kb +). This in turn causes issues with the reverse proxies in the ohcrn-dev cluster, resulting in server errors when redirecting from Keycloak to the Consent UI. For the time being, devops has made some adjustments to the Nginx configuration in the dev cluster to increase allowed header/proxy buffer sizes. This is just a stopgap solution to unblock work on the UI auth flow.

The full solution is to move the token info out of the session object and into either a database or in memory storage solution, and have the session store a key to access this user info. Next-Auth provides options for this with their Database session strategy:

https://authjs.dev/concepts/session-strategies#database
https://github.com/nextauthjs/next-auth/blob/main/packages/adapter-pg/src/index.ts
https://authjs.dev/guides/basics/refresh-token-rotation

Some suggested approaches from @joneubank: look into the adapters available for both:

b-f-chan commented 1 month ago

See if @joneubank is willing to take this on