Theo's Typesafe Cult•2y ago

How do I solve for a persisting session on Next-auth when User is deleted from DB.

I am currently finding that My user auth sessions are persisted even when I have cleared my db. What is the cleanest way around this. If possible kindly share a solution when using the jwt strategy as well

9 Replies

barry•2y ago

cascading show your model for the sessions

Mik3y-FOP•2y ago

model Session {
    id           String   @id @default(cuid())
    sessionToken String   @unique
    userId       String
    expires      DateTime
    user         User     @relation(fields: [userId], references: [id], onDelete: Cascade)

    @@index([userId])
}

model Session {
    id           String   @id @default(cuid())
    sessionToken String   @unique
    userId       String
    expires      DateTime
    user         User     @relation(fields: [userId], references: [id], onDelete: Cascade)

    @@index([userId])
}

barry•2y ago

wait what oh you're using jwt's yeah just dont use jwt's this is simply a flaw with jwt's

Mik3y-FOP•2y ago

okay, and there's no way to go around it when using jwts ?

barry•2y ago

☠️ just dont use jwts

barry•2y ago

https://tenor.com/view/problem-solved-simpsons-end-of-story-gif-10065151

Tenor

problem solved

Mik3y-FOP•2y ago

okay, noted. Kind sir 😅

Neto•2y ago

but if you do use jwt dont use long living ones like 1~2 minutes of ttl and keep refreshing

Mik3y-FOP•2y ago

is it, possible to make the nextjs middleware feature work with the database strategy on nextauth?

Gaming

Programming

How do I solve for a persisting session on Next-auth when User is deleted from DB.