From 34cc2226b9c75106afa38fa577b31b25f749f236 Mon Sep 17 00:00:00 2001 From: Nate Kelley Date: Mon, 11 Aug 2025 16:44:25 -0600 Subject: [PATCH] Update supbase --- apps/web/src/middleware/supabaseMiddleware.ts | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/apps/web/src/middleware/supabaseMiddleware.ts b/apps/web/src/middleware/supabaseMiddleware.ts index 21ceceddd..ecef40a3a 100644 --- a/apps/web/src/middleware/supabaseMiddleware.ts +++ b/apps/web/src/middleware/supabaseMiddleware.ts @@ -30,25 +30,25 @@ export async function updateSession(request: NextRequest) { } ); - // Get the session data first - const { data: sessionData } = await supabase.auth.getSession(); - - // Preemptively refresh if expiring soon (within 5 minutes) - if (sessionData.session?.expires_at) { - const expiresAtTimestamp = sessionData.session.expires_at * 1000; // ms - const now = Date.now(); - const timeUntilExpiry = expiresAtTimestamp - now; - const refreshWindowMs = 5 * 60 * 1000; // 5 minutes - - if (timeUntilExpiry < refreshWindowMs) { - await supabase.auth.refreshSession(); - } - } + // Do not run code between createServerClient and // Get the user (this will use the refreshed session if we refreshed it) const { data: { user } } = await supabase.auth.getUser(); + // IMPORTANT: You *must* return the supabaseResponse object as it is. + // If you're creating a new response object with NextResponse.next() make sure to: + // 1. Pass the request in it, like so: + // const myNewResponse = NextResponse.next({ request }) + // 2. Copy over the cookies, like so: + // myNewResponse.cookies.setAll(supabaseResponse.cookies.getAll()) + // 3. Change the myNewResponse object to fit your needs, but avoid changing + // the cookies! + // 4. Finally: + // return myNewResponse + // If this is not done, you may be causing the browser and server to go out + // of sync and terminate the user's session prematurely! + return [supabaseResponse, user] as [NextResponse, User | null]; }