ChowderCrab
BABetter Auth
•Created by ChowderCrab on 2/18/2025 in #help
Is there a preferred way to periodically refresh the cookie cache?
I have a Tanstack Start app. My only uses of "authClient" right now are sign-in, sign-up, and sign-out. After that, I check the session within server functions and redirect to sign-in if no session is present.
I am also using the cookie cache ("better-auth.session_data") to ensure I'm not hitting the database for auth on every request. However, I noticed that after "session_data" expired the first time, it was never refreshed since I'm never calling the "get-session" endpoint again from the client.
So far this all make sense, but I'm trying to figure out the best way to keep the cookie cache populated. A couple things I've looked at: - I can use React Query to refetch with authClient.getSession() periodically... that'll ensure the cookie cache stays relatively updated (depending on how I refetch there could be some periods with no cookie cache.. I can set the refetch based on the cookie expiration too). - Check somewhere if the cookie is present and fetch if not. - Change my setup to use client-side auth more (in addition to server checks)... the refresh might be "free" in this case since it's checking frequently from the client anyway -- this would be quite a bit more network requests for auth I think. Any other preferred options or something I'm missing? I'm not certain what the best practice is for client-side session checks if things are generally working fine without them now (I'm aware of some potential UX benefits).
I am also using the cookie cache ("better-auth.session_data") to ensure I'm not hitting the database for auth on every request. However, I noticed that after "session_data" expired the first time, it was never refreshed since I'm never calling the "get-session" endpoint again from the client.
So far this all make sense, but I'm trying to figure out the best way to keep the cookie cache populated. A couple things I've looked at: - I can use React Query to refetch with authClient.getSession() periodically... that'll ensure the cookie cache stays relatively updated (depending on how I refetch there could be some periods with no cookie cache.. I can set the refetch based on the cookie expiration too). - Check somewhere if the cookie is present and fetch if not. - Change my setup to use client-side auth more (in addition to server checks)... the refresh might be "free" in this case since it's checking frequently from the client anyway -- this would be quite a bit more network requests for auth I think. Any other preferred options or something I'm missing? I'm not certain what the best practice is for client-side session checks if things are generally working fine without them now (I'm aware of some potential UX benefits).
7 replies