Impossible to check null session without getSession warning about auth-js HOT 9 OPEN

The SvelteKit steps are updated - they call getSession() first, and if null then they return such and do not invoke getUser(). However, Next docs do not appear to show this.

Check a user's session with getSession() while not logged in, you get the warning.

Which framework are you having this issue with?

from auth-js.

I'm using SvelteKit, but it doesn't matter which Framework you use, as you cannot call getSession first due to the _saveSession problem mentioned above.

If there is no session, you will get the warning always.

J

from auth-js.

I'm using SvelteKit, but it doesn't matter which Framework you use, as you cannot call getSession first due to the _saveSession problem mentioned above.

If there is no session, you will get the warning always.

J

Ok, thanks. I assumed that's what you used, based on past interactions.

I ask because I'm using SvelteKit, but I don't have that specific issue when there's no one logged in. Do you have a repro?

from auth-js.

Did you look at the core code and do you see the problem? Are you using getSession before getUser?

I can make a repo if necessary, but all you have to do is follow the SvelteKit guide.

The NextJS guide doesn't use getSession, which means you have to call the extra fetch with getUser.

from auth-js.

Hmm... I have a test repo that follows the SvelteKit guide, here, but I never see logs unless there is a logged-in user.

from auth-js.

I will check my repo when I get home from work.

However, if there is a logged-in user, why are you still seeing the logs unless it is fixed? If you're seeing it once, it will run multiple times due to how hooks.server.ts works in Svelte.

J

from auth-js.

Yep, it logs multiple times for me. But only when there's a user logged in.

If I read your description correctly, you're also having issues when a user isn't logged in, correct?

P.S. When auth-js v2.64.3 drops, it will limit the logs; which isn't a great consolation, but makes it a bit less annoying.

from auth-js.

Yep, it logs multiple times for me. But only when there's a user logged in.

I just checked my app on my home project, and it seems I jumped the gun. The warning is only shown when logged in. After re-looking at this code, I believe I see how this is possible on this line.

That means SvelteKit has the correct idea to use getSession() first, while NextJS is fetching needlessly. The NextJS Tutorial should be updated to call getSession() first, and only call getUser() when there is a session to verify. Again, extra fetches can be costly, even for Supabase.

P.S. When auth-js v2.64.3 drops, it will limit the logs; which isn't a great consolation, but makes it a bit less annoying.

1. When will auth-js v2.64.3 drop?
2. What do you mean limit the log? Shouldn't it ONLY be displayed when a user is calling it incorrectly (not verifying a session)?

J

from auth-js.

I'm not sure about the version timeline. Likely this week.

The limit should keep things calmer. But we're never gonna get rid of it with the current state of SvelteKit and the Supabase ssr layout.ts cookie storage for SvelteKit.

The warning needs to die, but that likely won't happen until Supabase comes out with asymmetric jwts. I hope it happens at that point; or as silentworks suggested: at least don't log it in production.

from auth-js.