Feat: better-auth #1321
Feat: better-auth #1321
Conversation
| // }) | ||
| //import { client } from "@acme/auth/middleware"; | ||
|
|
||
| export default function authMiddleware(_request: NextRequest) { |
There was a problem hiding this comment.
don't you need something to handle session refreshing?
There was a problem hiding this comment.
[Should update by itself](https://www.better-auth.com/docs/concepts/session-management)
There was a problem hiding this comment.
not sure how that works in next.js where you can only set headers in server actions and middleware though?
when a user is browsing pages they won't be refreshing their session, right
There was a problem hiding this comment.
The session is refreshed whenever /get-session is called, whether it's from a server action, middleware, or from the client. Only server component calls won't be able to do this because they can't set cookies. But, the session in the database will still be refreshed.
There was a problem hiding this comment.
yea so I'm right in assuming that if we don't have a middleware in this repo, the session wouldn't be refreshed since we're only making authApi calls from RSCs?
There was a problem hiding this comment.
yes. I'm assuming when there's a trpc call where getSession is called to check for the session, it'll be refreshed. But we can also have the middleware. And, if it can only support Next.js 15.2 and above, we can switch to auth.api.getSession. Which will remove the API call and uses cookie caching, to prevent db calls until the cache is invalid
https://www.better-auth.com/docs/integrations/next#for-nextjs-release-1520-and-above
Closes #397
Closes #1241