Session still active after calling authClient.revokeSession
I've got a button that does this:
onClick={async () => {
const res = await authClient.revokeSession({
token: session.token,
});
}}
On success, the database entry related to that session is removed, but the user in the browser still remains logged in and the session cookies still remain active.
Is there any other config or function I have to call in order to make this work?
onClick={async () => {
const res = await authClient.revokeSession({
token: session.token,
});
}}
On success, the database entry related to that session is removed, but the user in the browser still remains logged in and the session cookies still remain active.
Is there any other config or function I have to call in order to make this work?
Solution
Found the solution. I had this on my auth.ts file that was preventing the session to be immediately terminated:
export const auth = betterAuth({
database: drizzleAdapter(db, {
provider: "pg", // or "pg" or "mysql"
}),
session: {
expiresIn: 60 * 60 * 24 * 7, // 7 days
updateAge: 60 * 60 * 24 * 7, // 7 days (every 7 days the session expiration is updated)
cookieCache: {
enabled: true,
maxAge: 5 * 60, // Cache duration in seconds
},
},
export const auth = betterAuth({
database: drizzleAdapter(db, {
provider: "pg", // or "pg" or "mysql"
}),
session: {
expiresIn: 60 * 60 * 24 * 7, // 7 days
updateAge: 60 * 60 * 24 * 7, // 7 days (every 7 days the session expiration is updated)
cookieCache: {
enabled: true,
maxAge: 5 * 60, // Cache duration in seconds
},
},
