🐛 Check for new session first (#1563)

2025-06-06 04:31:50 +02:00 · 2025-02-13 10:58:25 +07:00 · 2025-02-13 10:58:25 +07:00 · 6979c091f2
commit 6979c091f2
parent ff4a1d16cb
3 changed files with 46 additions and 22 deletions
--- a/apps/web/src/auth/edge/with-auth.ts
+++ b/apps/web/src/auth/edge/with-auth.ts
@ -15,19 +15,22 @@ export const withAuth = (
  middleware: (request: NextAuthRequest) => Promise<NextResponse>,
 ) => {
  return async (request: NextAuthRequest) => {
-    let legacySession: Session | null = null;
+    let session: Session | null = null;

    try {
-      legacySession = await getLegacySession();
+      session = await auth();
    } catch (e) {
      console.error(e);
    }

-    let session = legacySession;
+    let isLegacySession = false;

    if (!session) {
      try {
-        session = await auth();
+        session = await getLegacySession();
+        if (session) {
+          isLegacySession = true;
+        }
      } catch (e) {
        console.error(e);
      }
@ -50,7 +53,7 @@ export const withAuth = (

    const middlewareRes = await middleware(request);

-    if (legacySession) {
+    if (isLegacySession) {
      try {
        await migrateLegacyJWT(middlewareRes);
      } catch (e) {
--- a/apps/web/src/auth/legacy/next-auth-cookie-migration.ts
+++ b/apps/web/src/auth/legacy/next-auth-cookie-migration.ts
@ -2,6 +2,7 @@ import { absoluteUrl } from "@rallly/utils/absolute-url";
 import { cookies } from "next/headers";
 import type { NextResponse } from "next/server";
 import type { Session } from "next-auth";
+import type { JWT } from "next-auth/jwt";
 import { encode } from "next-auth/jwt";

 import { decodeLegacyJWT } from "./helpers/jwt";
@ -16,7 +17,7 @@ const newCookieName = prefix + "authjs.session-token";
 export async function getLegacySession(): Promise<Session | null> {
  const cookieStore = cookies();
  const legacySessionCookie = cookieStore.get(oldCookieName);
-  if (legacySessionCookie) {
+  if (legacySessionCookie && legacySessionCookie.value) {
    const decodedCookie = await decodeLegacyJWT(legacySessionCookie.value);

    if (decodedCookie?.sub) {
@ -45,19 +46,29 @@ async function getLegacyJWT() {
  return null;
 }

-/**
- * Replace the old legacy cookie with the new one
- */
-export async function migrateLegacyJWT(res: NextResponse) {
-  const legacyJWT = await getLegacyJWT();
+function deleteLegacyCookie(res: NextResponse) {
+  const cookieStore = cookies();
+  const oldCookie = cookieStore.get(oldCookieName);
+  if (oldCookie) {
+    // Delete the old cookie
+    res.cookies.set(oldCookieName, oldCookie.value, {
+      httpOnly: true,
+      secure: isSecureCookie,
+      expires: new Date(0),
+      sameSite: "lax",
+      path: "/",
+    });
+  }
+}

-  if (legacyJWT) {
+async function setNewSessionCookie(res: NextResponse, jwt: JWT) {
  const newJWT = await encode({
-      token: legacyJWT,
+    token: jwt,
    secret: process.env.SECRET_PASSWORD,
    salt: newCookieName,
  });

+  // Set new session cookie
  res.cookies.set(newCookieName, newJWT, {
    httpOnly: true,
    secure: isSecureCookie,
@ -65,6 +76,16 @@ export async function migrateLegacyJWT(res: NextResponse) {
    sameSite: "lax",
    path: "/",
  });
-    res.cookies.delete(oldCookieName);
+}
+
+/**
+ * Replace the old legacy cookie with the new one
+ */
+export async function migrateLegacyJWT(res: NextResponse) {
+  const legacyJWT = await getLegacyJWT();
+
+  if (legacyJWT) {
+    await setNewSessionCookie(res, legacyJWT);
+    deleteLegacyCookie(res);
  }
 }
--- a/apps/web/src/next-auth.ts
+++ b/apps/web/src/next-auth.ts
@ -177,12 +177,12 @@ const {
 });

 const auth = async () => {
-  const session = await getLegacySession();
+  const session = await originalAuth();
  if (session) {
    return session;
  }

-  return originalAuth();
+  return getLegacySession();
 };

 export { auth, handlers, signIn, signOut };