Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Remove getSession usage from SSR #107

Merged
merged 3 commits into from
Jun 13, 2024
Merged

fix: Remove getSession usage from SSR #107

merged 3 commits into from
Jun 13, 2024

Conversation

anku255
Copy link
Contributor

@anku255 anku255 commented Jun 11, 2024

Summary of change

This PR updates the boilerplate of Astro, Remix and NextJS (app dir) to remove the getSession usage in the SSR.

Related issues

  • Link to issue1 here
  • Link to issue1 here

Test plan

  • If added a new boilerplate
    • I tested the new boilerplate by running the CLI locally
    • I tested that the boilerplate is created and works correctly when using command line flags (--recipe=... for example)
  • If added a new recipe, frontend or backend
    • I tested that the newly added option is usable by passing command line flags (--recipe=... for example)

Checklist for important updates

  • Changelog has been updated
  • Changes to the version if needed
    • In package.json
    • In package-lock.json
    • In lib/ts/version.ts
  • Had run npm run build-pretty
  • Had installed and ran the pre-commit hook
  • If added a new recipe, I also modified types to include the new recipe in Recipe and allRecipes
  • If added a new frontend, I also modified types to include the new frontend in SupportedFrontends and allFrontends if required
  • If added a new backend, I also modified types to include the new backend in SupportedBackends and allBackends if required

@anku255 anku255 force-pushed the fix/remove-get-session-from-ssr branch from e316477 to 3ba7242 Compare June 12, 2024 06:33
@anku255 anku255 force-pushed the fix/remove-get-session-from-ssr branch from 17bddee to d951467 Compare June 12, 2024 11:37
@rishabhpoddar rishabhpoddar merged commit be8f05e into master Jun 13, 2024
@rishabhpoddar rishabhpoddar deleted the fix/remove-get-session-from-ssr branch June 13, 2024 05:42
This was referenced Jun 13, 2024
Merged
Merged
samcx added a commit to vercel/next.js that referenced this pull request Jun 14, 2024
@anku255 @samcx
Update with-supertokens example (#66827)
14b7b37 
Updates the with-supertokens example to replace `getSSRSession` usage
with manual JWT parsing in SSR as shown in
supertokens/create-supertokens-app#107

Co-authored-by: Sam Ko <[email protected]>
@tocaherge
Copy link

Is there a documented reason behind this change?
These docs still show getSSRSession being used: https://supertokens.com/docs/thirdparty/nextjs/app-directory/protecting-route#using---presessionauthfornextjs-and-checking-for-sessions--pre

@anku255
Copy link
Contributor Author

anku255 commented Jun 17, 2024

Hi @tocaherge!

The reason behind this change is that getSession / verifySession functions from the supertokens-node SDK may update the access token. These updated tokens would not be propagated to the client side properly, as request interceptors do not run on the server side. So, instead we use regular JWT verification library to parse the tokens to avoid any inconsistency.

As for the docs, they will be updated very soon. You can track the changes in supertokens/docs#804

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rishabhpoddar rishabhpoddar rishabhpoddar requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@anku255 @tocaherge @rishabhpoddar