supabase / ssr

Supabase clients for use in server-side rendering frameworks.
MIT License

Why does @supabase/ssr@0.4.0 set 2 different cookies? #25

Closed remorses closed 4 months ago

remorses commented 4 months ago

Improve documentation for authentication cookies

Problem

Requested Improvements

  1. Explain the purpose of two cookies
  2. Clarify which cookie Supabase uses

Context

I am using Supabase to authenticate requests in a separate SDK, so I need to pass these cookies manually. I need to know if the sb-cqsizljceopjyurqfajr-auth-token will continue to work in the future or if I should start setting 2 cookies now.

j4w8n commented 4 months ago

Since browsers limit the max size a single cookie can be, the SSR package sometimes needs to chunk larger cookies into multiple. This typically happens with sessions from OAuth logins, but it's possible with other methods as well.

In these cases, when the session value is needed, the SSR package grabs all of the chunked auth cookies, reassembles them, and returns the session value. Therefore, in your situation, you need both cookies.

This chunking process started pre v0.4.0. Actually, I think the auth helper packages did this as well.
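
The reassembly described in the comment above, as an added example that is not part of the thread and not code from @supabase/ssr. It assumes chunk cookies are named `<base>.0`, `<base>.1`, and so on, with an unchunked session stored under `<base>` alone; the cookie name and session value are constructed placeholders.

```javascript
// Added example, not code from @supabase/ssr. Assumption: chunks are named
// "<base>.0", "<base>.1", ...; an unchunked session uses "<base>" alone.
const BASE = 'sb-exampleref-auth-token';                // constructed placeholder name
const SESSION = 'constructed-session-value-0123456789'; // constructed opaque value
const SAMPLE_HEADER =                                   // constructed; chunks out of order
  `theme=dark; ${BASE}.1=${SESSION.slice(20)}; ${BASE}.0=${SESSION.slice(0, 20)}`;

// Parse a Cookie request header into a Map of name -> raw (undecoded) value.
function parseCookieHeader(header) {
  const jar = new Map();
  for (const pair of header.split(';')) {
    const eq = pair.indexOf('=');
    if (eq === -1) continue;
    jar.set(pair.slice(0, eq).trim(), pair.slice(eq + 1).trim());
  }
  return jar;
}

// Collect the auth cookies for `base`: either the single cookie or every chunk.
// Returns { names, value }, or null when no auth cookie is present.
function collectAuthCookies(jar, base) {
  if (jar.has(base)) return { names: [base], value: jar.get(base) };
  const indices = [...jar.keys()]
    .filter((n) => n.startsWith(base + '.'))
    .map((n) => n.slice(base.length + 1))
    .filter((suffix) => /^(0|[1-9]\d*)$/.test(suffix))
    .map(Number)
    .sort((a, b) => a - b);
  if (indices.length === 0) return null;
  // A gap (e.g. .0 and .2 without .1) means a chunk was dropped; joining the
  // rest would yield a corrupted session, so fail instead of guessing.
  indices.forEach((idx, pos) => {
    if (idx !== pos) throw new Error(`missing chunk ${base}.${pos}`);
  });
  const names = indices.map((i) => `${base}.${i}`);
  return { names, value: names.map((n) => jar.get(n)).join('') };
}

// Build the Cookie header a separate client must send: every auth cookie
// (single or chunked) and no unrelated cookies.
function authCookieHeader(header, base) {
  const jar = parseCookieHeader(header);
  const found = collectAuthCookies(jar, base);
  if (!found) return null;
  return found.names.map((n) => `${n}=${jar.get(n)}`).join('; ');
}
```

Values are joined raw, without decoding each chunk first, so a split that lands inside an encoded sequence is restored intact.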

remorses commented 4 months ago

OK, thank you. I think I didn’t see the problem before because I didn’t use Google OAuth, which increases the session size.