Open nphmuller opened 5 days ago
Opened PR with an initial solution that works functionally, but I'm not sure if the implementation is acceptable. https://github.com/nextauthjs/next-auth/pull/11854
Ah, it seems there was a PR opened already recently with a solution for this problem... https://github.com/nextauthjs/next-auth/pull/11829
Having same issue
I have the same problem also, if someone finds an fix please tag me
Environment
Reproduction URL
https://github.com/nphmuller/repro-middleware-cookie/commit/d3082fdccb9eb7d18a1a5b817919823681b1ef8b
Describe the issue
When updating the session cookie in the jwt callback (for example when refreshing an access token) using middleware, the updated session cookie is not available in a server component that gets rendered next, resulting in the access token being refreshed twice.
How to reproduce
https://github.com/nphmuller/repro-middleware-cookie/commit/d3082fdccb9eb7d18a1a5b817919823681b1ef8b contains a full repro, but this is the gist:
Update the token in the jwt callback like this: (this simulates a token that is valid for 10 seconds)
Make sure next-auth is called via a middleware (already the default in
next-auth-example
).Now run
nom run dev
and open the main page.Expected behavior
The console output
refreshing token....
should be printed once, but it's printed multiple times.This happens because the new session cookie with the refreshed token, created in the middleware, is not passed to the server component.