gmoxy
TTCTheo's Typesafe Cult
•Created by Hamza Ali Turi on 11/24/2023 in #questions
Session & Cookies
also depends on how you check cookies
6 replies
TTCTheo's Typesafe Cult
•Created by Hamza Ali Turi on 11/24/2023 in #questions
Session & Cookies
You should invalidate (delete or only mark as expired) the session from the database and check the validity of it on every secure request with your database
https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html#logout-button
a good read if you want to understand cookies security to a industry standards
6 replies
TTCTheo's Typesafe Cult
•Created by gave_one on 8/5/2023 in #questions
Session is not being created when logged in
they come from next auth https://next-auth.js.org/configuration/callbacks
27 replies
TTCTheo's Typesafe Cult
•Created by gave_one on 8/5/2023 in #questions
Session is not being created when logged in
yes, probably would look something like this depends on what you want
27 replies
TTCTheo's Typesafe Cult
•Created by gave_one on 8/5/2023 in #questions
Session is not being created when logged in
next auth will call it once it needs to make a session
27 replies
TTCTheo's Typesafe Cult
•Created by gave_one on 8/5/2023 in #questions
Session is not being created when logged in
in ur callbacks make one where you set the cookie
27 replies
TTCTheo's Typesafe Cult
•Created by gave_one on 8/5/2023 in #questions
Session is not being created when logged in
you have to make the session with
adapter.createSession() not sure if ur making it somewhere else but its not here27 replies
TTCTheo's Typesafe Cult
•Created by jeff.kershner on 4/17/2023 in #questions
What is the backend that runs the server side of NextJS?
i think next built over http, but the trpc server for next is built over express
5 replies