User info not refreshed on getSession from nextjs sdk

adriano · April 25, 2024, 1:45pm

I’m using auth0 universal login with nextjs-auth0 SDK to manage authentication in my app.

If a User object has its information updated whilst the user is already logged in, that information will remain stale and the getSession method from the SDK will not update it.
To fix this, I call the ‘/userinfo’ endpoint as an workaround to get the user refreshed data, but sometimes I’m getting rate-limited. ( I do this in the middleware of my app - code below )

I’ve deployed my app on CF pages, and there’s some issues while using that and fetch API cache for data management, so I have implemented caching with an timeout of 30 seconds as can be seen here:

Is there another way to work around this to refresh the user data?

stefan6 · April 29, 2024, 10:43am

I am also running into this issue, any ideas?

leomc · April 30, 2024, 2:40pm

This also happened with me, I’m now using your workaround but I get rate limited still

devbydixon · August 24, 2024, 10:34pm

The following approach has worked for me. This is NextJS middleware for app routes :
@leomc @stefan6 @adriano

// middleware.js
import { withMiddlewareAuthRequired, getSession, handleProfile } from '@auth0/nextjs-auth0/edge';
import { NextResponse } from "next/server";

export default withMiddlewareAuthRequired(async function middleware(req) {
    const res = NextResponse.next();

    try {

        // This fixed it
        // @ts-ignore 
        await handleProfile(req, res, {
            refetch: true,
        })

        const session = await getSession(req, res);

        console.log('Email verified status:', session?.user.email_verified);


        if (!session) {
            console.log('No session found');
            return NextResponse.redirect(new URL('/', req.url));
        }

        if (!session.user.email_verified) {
            console.log('Email not verified');
            return NextResponse.redirect(new URL('/verify-email', req.url));
        }

        return res;
    } catch (error) {
        console.error('Error in middleware:', error);
        return NextResponse.redirect(new URL('/error', req.url));
    }
});

// Matcher config remains the same

// Specify the paths where this middleware should apply
...

tyf · August 26, 2024, 3:14pm

Thanks for sharing @devbydixon !

system · September 9, 2024, 3:15pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How do we ensure a session is still valid on refresh with NextJS app folder? Help logout , sessions	4	2933	September 26, 2024
Auth0 NextJS - Refresh Sessions Help sessions , authentication-sessions	0	28	September 19, 2024
Metadata not showing up in useUser() and getSession() Help user-profile , user-management	5	38	August 28, 2024
Cannot update session Help sessions , authentication-sessions	1	80	September 10, 2024
Nextjs-auth0 /api/auth/me route doesn't return as many details as expected Help auth0 , user-profile , user_metadata , nextjs	5	6519	February 25, 2021

User info not refreshed on getSession from nextjs sdk

Related Topics