'Unable to match input value to any allowed input type for the field.' regarding expiresAt field.

[samkbe]

Hello, I am getting an error when trying to add a session in my Postgres DB with my expiresAt field I believe.

Here is my Session table in my Prisma schema:

model Session {
  id        String   @id
  sid       String   @unique
  data      String
  expiresAt   DateTime
}

Here is the error message I am getting:

Error:
Invalid `this.prisma[this.sessionModelName].update()` invocation in
/Users/eyffan/Desktop/artbox/node_modules/.pnpm/@quixo3+prisma-session-store@3.1.10_tbn7ymyqz2xwexxxhtnbhlklda/node_modules/@quixo3/prisma-session-store/dist/lib/prisma-session-store.js:606:81

  603 existingSession = _b.sent();
  604 if (!(existingSession !== null)) return [3 /*break*/, 5];
  605 existingSessionData = __assign(__assign({}, this.serializer.parse((_a = existingSession.data) !== null && _a !== void 0 ? _a : '{}')), { cookie: session.cookie });
→ 606 return [4 /*yield*/, this.prisma[this.sessionModelName].update(
Failed to validate the query: `Unable to match input value to any allowed input type for the field. Parse errors: [Query parsing/validation error at `Mutation.updateOneSession.data.SessionUpdateInput.expiresAt`: Unable to match input value to any allowed input type for the field. Parse errors: [Query parsing/validation error at `Mutation.updateOneSession.data.SessionUpdateInput.expiresAt`: A value is required but not set., Query parsing/validation error at `Mutation.updateOneSession.data.SessionUpdateInput.expiresAt`: A value is required but not set.], Query parsing/validation error at `Mutation.updateOneSession.data.SessionUncheckedUpdateInput.expiresAt`: Unable to match input value to any allowed input type for the field. Parse errors: [Query parsing/validation error at `Mutation.updateOneSession.data.SessionUncheckedUpdateInput.expiresAt`: A value is required but not set., Query parsing/validation error at `Mutation.updateOneSession.data.SessionUncheckedUpdateInput.expiresAt`: A value is required but not set.]]` at `Mutation.updateOneSession.data`
    at RequestHandler.handleRequestError (/Users/eyffan/Desktop/artbox/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:35024:13)
    at RequestHandler.handleAndLogRequestError (/Users/eyffan/Desktop/artbox/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:34996:12)
    at RequestHandler.request (/Users/eyffan/Desktop/artbox/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:34991:12)
    at PrismaClient._request (/Users/eyffan/Desktop/artbox/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:36082:16)

I logged the expiresAt variable inside /Users/eyffan/Desktop/artbox/node_modules/.pnpm/@quixo3+prisma-session-store@3.1.10_tbn7ymyqz2xwexxxhtnbhlklda/node_modules/@quixo3/prisma-session-store/dist/lib/prisma-session-store.js:606:81

And it logs: Invalid Date

case 3:
                        console.log('EXPIRESAT: ', expiresAt); //Logs to: Invalid Date
                        existingSession = _b.sent();
                        if (!(existingSession !== null)) return [3 /*break*/, 5];
                        existingSessionData = __assign(__assign({}, this.serializer.parse((_a = existingSession.data) !== null && _a !== void 0 ? _a : '{}')), { cookie: session.cookie });
                        return [4 /*yield*/, this.prisma[this.sessionModelName].update({
                                where: { sid: existingSession.sid },
                                data: {
                                    expiresAt: expiresAt,
                                    data: this.serializer.stringify(existingSessionData),
                                },
                            })];

Perhaps I have configured something wrong in my Express-Session middleware regarding cookie expiration time?

app.use(
  session({
    name: 'siwe-quickstart',
    secret: 'siwe-quickstart-secret',
    resave: true,
    saveUninitialized: true,
    cookie: { secure: false, sameSite: false, maxAge: 6000 },
    rolling: true,
    store: new PrismaSessionStore(prismaClient, {
      checkPeriod: 2 * 60 * 1000, //ms
      dbRecordIdIsSessionId: true,
      dbRecordIdFunction: undefined,
      enableConcurrentSetInvocationsForSameSessionID: true,
      enableConcurrentTouchInvocationsForSameSessionID: true,
    }),
  }),
);

Thank you very much for your help!

[kleydon]

Hi @samkbe - thanks for the issue report.

Not sure what is going on here... Is it something you are experiencing repeatably?

If it is at all possible for you to post a distilled reproduction PR, ideally dockerized, or using an SQLite db file (if the issue is replicable using SQLite as your db), it could go a long way towards figuring out what is going on. (The more eyes on the problem, the easier it gets!)

I am using this lib with Postgres with the following settings, and haven't yet seen this issue:

// Session store
const sessionStore = new PrismaSessionStore(
  prisma, 
  {
    checkPeriod: 2 * 60 * 1000,  //ms
    dbRecordIdIsSessionId: true,
    dbRecordIdFunction: undefined,
    logger:console,
    loggerLevel:'log',
  }
)

const sessionParams = {
  name: 'id', //Be generic here; https://lockmedown.com/securing-node-js-managing-sessions-express-js/
  secret: <secret>,
  resave: false, //Set to false iff store implements touch()
  saveUninitialized: false,
  // Cookie security notes:
  // https://odino.org/security-hardening-http-cookies/
  // https://web.dev/same-site-same-origin/
  // https://jub0bs.com/posts/2021-01-29-great-samesite-confusion/
  cookie: {
    httpOnly: true,
    secure: true, // If using https
    sameSite: 'strict' as 'strict' | 'lax' | 'none' | boolean | undefined,
    maxAge: <MAX_LOGGING_IN_COOKIE_AGE_MS>
  },
  store: sessionStore,
}