User info not refreshed on getSession from nextjs sdk

I’m using auth0 universal login with nextjs-auth0 SDK to manage authentication in my app.

If a User object has its information updated whilst the user is already logged in, that information will remain stale and the getSession method from the SDK will not update it.
To fix this, I call the ‘/userinfo’ endpoint as an workaround to get the user refreshed data, but sometimes I’m getting rate-limited. ( I do this in the middleware of my app - code below )

I’ve deployed my app on CF pages, and there’s some issues while using that and fetch API cache for data management, so I have implemented caching with an timeout of 30 seconds as can be seen here:

Is there another way to work around this to refresh the user data?

3 Likes

I am also running into this issue, any ideas?

2 Likes

This also happened with me, I’m now using your workaround but I get rate limited still :frowning:

1 Like

The following approach has worked for me. This is NextJS middleware for app routes :
@leomc @stefan6 @adriano

// middleware.js
import { withMiddlewareAuthRequired, getSession, handleProfile } from '@auth0/nextjs-auth0/edge';
import { NextResponse } from "next/server";

export default withMiddlewareAuthRequired(async function middleware(req) {
    const res = NextResponse.next();

    try {

        // This fixed it
        // @ts-ignore 
        await handleProfile(req, res, {
            refetch: true,
        })

        const session = await getSession(req, res);

        console.log('Email verified status:', session?.user.email_verified);


        if (!session) {
            console.log('No session found');
            return NextResponse.redirect(new URL('/', req.url));
        }

        if (!session.user.email_verified) {
            console.log('Email not verified');
            return NextResponse.redirect(new URL('/verify-email', req.url));
        }

        return res;
    } catch (error) {
        console.error('Error in middleware:', error);
        return NextResponse.redirect(new URL('/error', req.url));
    }
});

// Matcher config remains the same

// Specify the paths where this middleware should apply
...
2 Likes

Thanks for sharing @devbydixon !

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.