getSession returns/is null in hooks.server.ts (svelte5/sveltekit)
Here's relevant parts:
hooks.server.ts: ...try {
// Validate the token using getSession
const sessionData = await auth.api.getSession({
headers: event.request.headers // Includes Cookie: session=token
}); ...
i've confirmed through console.log that the "event.request.headers" contains a token (I'm using "auth.api.signInEmail" in routes/login/page.server.ts")
[previous code processed email and password input from a form - both email and password are present and valid]
try {
const loginResponse = await auth.api.signInEmail({
body: {
email: email,
password: password
},
// asResponse: true,
headers: request.headers
});
console.log('login - headers', request.headers);
console.log('login - session', JSON.stringify(loginResponse, null, 2));
if (!loginResponse.token) {
throw new Error('No token returned');
}
// Set session cookie
cookies.set('version1_session', loginResponse.token, {
path: '/',
maxAge: 30 * 24 * 60 * 60
// httpOnly: true,
// sameSite: 'lax'
// secure: process.env.NODE_ENV === 'production'
});
...
The database is being updated with session id, create/update dates, token, etc.
i've confirmed that the token. in the database is the same one found in the header in "hooks".
I've tried the "auth.api.getSession" in "routes/+layout.server.ts" and "routes/login/+page.server.ts" with same null result.
In looking at the better-auth code for the sessions.ts that exposes getSession, it appears (to my very novice eyes) that it should use that token to query the database and on finding the token, return a session object and a user object.
Any help would be GREATLY appreciated.
hooks.server.ts: ...try {
// Validate the token using getSession
const sessionData = await auth.api.getSession({
headers: event.request.headers // Includes Cookie: session=token
}); ...
i've confirmed through console.log that the "event.request.headers" contains a token (I'm using "auth.api.signInEmail" in routes/login/page.server.ts")
[previous code processed email and password input from a form - both email and password are present and valid]
try {
const loginResponse = await auth.api.signInEmail({
body: {
email: email,
password: password
},
// asResponse: true,
headers: request.headers
});
console.log('login - headers', request.headers);
console.log('login - session', JSON.stringify(loginResponse, null, 2));
if (!loginResponse.token) {
throw new Error('No token returned');
}
// Set session cookie
cookies.set('version1_session', loginResponse.token, {
path: '/',
maxAge: 30 * 24 * 60 * 60
// httpOnly: true,
// sameSite: 'lax'
// secure: process.env.NODE_ENV === 'production'
});
...
The database is being updated with session id, create/update dates, token, etc.
i've confirmed that the token. in the database is the same one found in the header in "hooks".
I've tried the "auth.api.getSession" in "routes/+layout.server.ts" and "routes/login/+page.server.ts" with same null result.
In looking at the better-auth code for the sessions.ts that exposes getSession, it appears (to my very novice eyes) that it should use that token to query the database and on finding the token, return a session object and a user object.
Any help would be GREATLY appreciated.
