Ferdinand
Ferdinand5mo ago

New AuthSessions and AuthRefreshTokens after each login

Hello there! I have this issue, everytime I login with my google provider I have a new authSessions and authRefreshTokens. here is my auth code:
export const { auth, signIn, signOut, store } = convexAuth({
providers: [Google],
callbacks: {
async createOrUpdateUser(ctx, args) {
if (args.existingUserId) {
return args.existingUserId;
}

return ctx.db.insert('users', {
email: args.profile.email,
emailVerified: args.profile.emailVerified,
image: args.profile.image,
name: args.profile.name,
phone: args.profile.phone,
phoneVerified: args.profile.phoneVerified,
role: 'user',
});
},
},
});
export const { auth, signIn, signOut, store } = convexAuth({
providers: [Google],
callbacks: {
async createOrUpdateUser(ctx, args) {
if (args.existingUserId) {
return args.existingUserId;
}

return ctx.db.insert('users', {
email: args.profile.email,
emailVerified: args.profile.emailVerified,
image: args.profile.image,
name: args.profile.name,
phone: args.profile.phone,
phoneVerified: args.profile.phoneVerified,
role: 'user',
});
},
},
});
17 Replies
Ferdinand
FerdinandOP5mo ago
This happens both in development and production. Apart from that, everything is okay.
Michal Srb
Michal Srb5mo ago
I think that's working as expected. Every time the user signs in, a new session is created.
Ferdinand
FerdinandOP5mo ago
I appreciate your response. What I mean is that if I log in 4 times with the same user I get 4 different sessions, it is strange because before that I was getting one session per user but it was modified every time I logged in. If that is the case what becomes of those old sessions, will they be deleted automatically?
Michal Srb
Michal Srb5mo ago
before
Was this a different version of the library? What changed?
Ferdinand
FerdinandOP5mo ago
I think it was a different version sir but what becomes of those old sessions?
ballingt
ballingt5mo ago
@Ferdinand What does logging in 4 times mean, are you clicking the login button in a page that's already logged in? Using another tab where the user wasn't logged in and the UI hadn't updated?
Ferdinand
FerdinandOP5mo ago
Thanks for your response. When I log in the first time, it creates one authSession and one authRefreshToken. When I sign out and then log in again with the same user, another set of sessions are created with new id's.
ballingt
ballingt5mo ago
That sounds expected to me, it's a new session when you log out and log in. If you have state you want to last longer than this you could store it in a table with user ids in it
Ferdinand
FerdinandOP5mo ago
I tried logging in and signing out 5 times and in my dashboard, I have 5 different sessions.
ballingt
ballingt5mo ago
Ah so they're not getting deleted, is that what's unexpected?
Ferdinand
FerdinandOP5mo ago
yes sir Any updates for my issue Mr Tom?
ballingt
ballingt5mo ago
I'll take a look soon, I need to try to repro. What are you using on the frontend in case that matters for the repro?
Ferdinand
FerdinandOP5mo ago
Thanks for your concern. I'm using next js Hello any updates Mr Tom ?
Mrod
Mrod5mo ago
This is the same thing I was wondering, should the auth session and authRefreshToken be deleted from the db when a user signs out? Because right now it doesn’t delete it from the db when a user signs out
Ferdinand
FerdinandOP5mo ago
Yes it should because every time you sign in a new one will be created Hello @ballingt any updates?
Michal Srb
Michal Srb5mo ago
I can repro this, it's Next.js specific @Ferdinand @Mrod this is fixed in @convex-dev/auth@0.0.56
Ferdinand
FerdinandOP5mo ago
Thanks much @Michal Srb will try it right now @Michal Srb just tested and everything is working perfectly. 👍

Did you find this page helpful?