Better Auth•2w ago

How to refresh user/session data?

I'm having a hard time figuring out how to refresh the user/session data after the field values in the user schema gets updated. Scenario: When setting the email_verified to true/false in the database, the user object returned from still contains the old value of this field, making it confusing for the user to see if their email verification worked or not. The only way to update this is for the use to log out and back in, which isn't ideal of course.

18 Replies

Vlad•2w ago

Do you use cookie cache?

Lady DemerzelOP•2w ago

I don't I do use redis as my secondary storage

Vlad•2w ago

Oh, it might be the issue

Lady DemerzelOP•7d ago

Looks like that's indeed the issue Is there a way to tell better-auth to save sessions exclusively in the database and use the redis storage only for rate limits? Bump

begot•7d ago

how are they logging in if they aren't verified? that should not work

Lady DemerzelOP•7d ago

because i do not require them to verify their email on signup

emailVerification: {
  sendOnSignUp: true,
  autoSignInAfterVerification: true,
  sendVerificationEmail: async ({ user, url }) => {
    if (dev) return; // Skip sending emails in development
    const result = await EmailService.sendVerificationEmail(user.email, url, PUBLIC_BASE_URL);

    if (!result.success) {
      console.error("Failed to send verification email:", result.error);
    }
  }
},

emailVerification: {
  sendOnSignUp: true,
  autoSignInAfterVerification: true,
  sendVerificationEmail: async ({ user, url }) => {
    if (dev) return; // Skip sending emails in development
    const result = await EmailService.sendVerificationEmail(user.email, url, PUBLIC_BASE_URL);

    if (!result.success) {
      console.error("Failed to send verification email:", result.error);
    }
  }
},

begot•7d ago

if you do it would fix this issue you could also fetch the session like this, which should force update the session for you.

// ...

const session = await auth.api.getSession({
  headers: await headers(),
  query: {
    disableCookieCache: true,
  },
})

// ...

// ...

const session = await auth.api.getSession({
  headers: await headers(),
  query: {
    disableCookieCache: true,
  },
})

// ...

Lady DemerzelOP•7d ago

It will not, as they can change their email in their settings, which will update the email_verified column to FALSE, but not be represented in the UI as the session isn't being updated. Besides, the issue is that the session isn't being updated when using secondary-storage, causing any updates to the user info to be not updated instantly, and there is no option to disable sessions being stored in the secondary storage. I do not have cookie caching enabled in the first place

Lady DemerzelOP•7d ago

https://www.better-auth.com/docs/guides/optimizing-for-performance#cookie-cache

Optimizing for Performance | Better Auth

A guide to optimizing your Better Auth application for performance.

begot•7d ago

sure, but that is another layer which was not apart of the original issue. i'm also using secondary storage, and my sessions are up-to-date upon refresh

// ...

  secondaryStorage: envValue(undefined, {
    get: async (key) => {
      const value = await upstash.get(key)
      return value ? value : null
    },
    set: async (key, value, ttl) => {
      if (ttl) await upstash.set(key, value, { ex: ttl })
      else await upstash.set(key, value)
    },
    delete: async (key) => {
      await upstash.del(key)
    },
  }),

// ...

// ...

  secondaryStorage: envValue(undefined, {
    get: async (key) => {
      const value = await upstash.get(key)
      return value ? value : null
    },
    set: async (key, value, ttl) => {
      if (ttl) await upstash.set(key, value, { ex: ttl })
      else await upstash.set(key, value)
    },
    delete: async (key) => {
      await upstash.del(key)
    },
  }),

// ...

what version are you on?

Lady DemerzelOP•7d ago

i'm also using secondary storage, and my sessions are up-to-date upon refresh

that's interesting 1.3.27

begot•7d ago

let me try that version now to further clarify, i'm in a turborepo project with a next.js web app. and i'm using the prisma adapter for better-auth. might be a version thing, lets find out, hold on

Lady DemerzelOP•7d ago

might be a framework thing

begot•7d ago

maybe

Lady DemerzelOP•7d ago

as I'm using sveltekit with drizzle

begot•7d ago

yeah maybe

Lady DemerzelOP•7d ago

this is my better-auth config

auth.ts

begot•7d ago

i don't see why this would affect session freshness. might be worth raising a github issue for this for what its worth i tried version 1.3.27 with no issue. so its not a version issue, at least in my environment

Gaming

Programming

How to refresh user/session data?

Did you find this page helpful?