Session not being persisted when I close the browser

[pbteja1998]

Hi, Is there a way to persist the session? As soon as I close the browser, the user is being logged out.

When I saw the cookies that are set, I see Expires/Max-Age value of next-auth.session-token set to Session. I am using the default configuration. By default, I assumed the max-age will be set to 30 days as per documentation. But that doesn't seem to be the case. Am I missing something?

[balazsorban44]

Hi there, could you create a reproduction for this, cause what you are saying does not hold up:

The session token WILL by default expire in 30 days. In addition, any time the /api/auth/session endpoint is invoked, the session will be updated to expire the next 30 days from the moment the session endpoint's response is received by the browser.

[pbteja1998]

@balazsorban44
Hi, you can take a look at https://github.com/pbteja1998/nextjs-starter

This might be related to the new Fauna adapter that is in the works.

Here is my fauna adapter file - https://github.com/pbteja1998/nextjs-starter/blob/master/src/adapters/fauna/index.ts

Copied directly from #708

---

EDIT:
You can find the demo of the site at https://next-starter.bhanuteja.dev

Edit2:
In the fauna db, the expiresAt is being set correctly. The only problem is with the cookie - in which the maxAge is being set to Session.

[balazsorban44]

Yeah, I guess it is some kind of calculation issue on the session age. I think the session age is somehow set to a lower value than the current date, in that case, the max-age will be set to Session. I would start debugging where this goes wrong.

[pbteja1998]

Where is this calculation being done? Is it in the fauna adapter file or in some other file in next-auth codebase?

[balazsorban44]

In the adapter, the one you just linked. I would check the updateSession function to begin with.

Also, here is the code being called when calling the /api/auth/session endpoint:

next-auth/src/server/routes/session.js

Lines 61 to 94 in 78fd783

	const { getUser, getSession, updateSession } = await adapter.getAdapter(options)
	const session = await getSession(sessionToken)
	if (session) {
	// Trigger update to session object to update session expiry
	await updateSession(session)
	const user = await getUser(session.userId)
	// By default, only exposes a limited subset of information to the client
	// as needed for presentation purposes (e.g. "you are logged in as…").
	const defaultSessionPayload = {
	user: {
	name: user.name,
	email: user.email,
	image: user.image
	},
	accessToken: session.accessToken,
	expires: session.expires
	}
	// Pass Session through to the session callback
	const sessionPayload = await callbacks.session(defaultSessionPayload, user)
	// Return session payload as response
	response = sessionPayload
	// Set cookie again to update expiry
	cookie.set(res, cookies.sessionToken.name, sessionToken, { expires: session.expires, ...cookies.sessionToken.options })
	await dispatchEvent(events.session, { session: sessionPayload })
	} else if (sessionToken) {
	// If sessionToken was found set but it's not valid for a session then
	// remove the sessionToken cookie from browser.
	cookie.set(res, cookies.sessionToken.name, '', { ...cookies.sessionToken.options, maxAge: 0 })

As you can see, this should update the cookie expiry whenever session is accessed. In case the sessionToken was found but invalid, the cookie will be removed. So I would also check the getSession function.

(Hint: add debug: true to your NextAuth options to log more information while debugging)

[pbteja1998]

Ok, thanks. Will try to debug. If you are able to figure it out before me, please update it here.

[pbteja1998]

Found it in the below line.
https://github.com/pbteja1998/nextjs-starter/blob/master/src/adapters/fauna/index.ts#L284

It should be session.data.expires not session.expires

[pbteja1998]

Changing it like above did not fix it.

[pbteja1998]

@balazsorban44 I was able to fix it. Thanks for pointing out the relevant code.

Here is the diff:
pbteja1998/nextjs-starter@9d885ae

[balazsorban44]

Awesome!

[balazsorban44]

@ndom91 Should this be dealt with in the Fauna adapter we introduced in #708?

[pbteja1998]

@ndom91 Should this be dealt with in the Fauna adapter we introduced in #708?

Tag me if necessary. I am happy to open up PR with these additions.

[ndom91]

@balazsorban44 yeah I'd say update that file in the fauna adapter. This only affects that adapter, right?

Good work @pbteja1998!

[balazsorban44]

As far as I know. (haven't tested other adapters). @pbteja1998 then we would be glad to accept a PR from you to fix this! 🙂

[pbteja1998]

I'm on it.

[pbteja1998]

@balazsorban44 Opened the PR at #1134