Infinite Redirect - NextJS
Hey,
I am having an issue when my DB is reset during development that I am not ever able to clear the now invalid cookies. Obviously this in general should never be an issue but if it does happen then the only way for a end user to recover is by manually deleting their cookies which is unreasonable. (This could happen in production if a user clears all their sessions for example.)
In my middleware I am using getSessionCookie(), which for this situation will return true. Then in my server component I am calling, await auth.api.getSession({
headers: await headers(),
}).
I would think that the getSession would clear out the cookie if it fails to retrieve the session but it doesn't seem to work that way. Anyone have good tips on how to clear the cookies for this situation? I want to avoid manually setting the max age on the cookies if I can. Documentation didn't really prove useful unfortunately either...
Solution:Jump to solution
The issue seemed to be with trying to redirect in the page rather than letting my middleware handle that, I am guessing the redirect hijacked the response from the auth call which would have caused the clearing of cookies.
2 Replies
The code here: https://github.com/better-auth/better-auth/blob/557dc39c32ca639a3b221d93250eb4b828120378/packages/better-auth/src/api/routes/session.ts#L81
Makes me think that it should be causing the browser to clear the cookies though. Is that what the expected behaviour is?
GitHub
better-auth/packages/better-auth/src/api/routes/session.ts at 557dc...
The most comprehensive authentication framework for TypeScript - better-auth/better-auth
Solution
The issue seemed to be with trying to redirect in the page rather than letting my middleware handle that, I am guessing the redirect hijacked the response from the auth call which would have caused the clearing of cookies.