res.end() does not work if autoCommit is true

Question

res.end() does not work if autoCommit is true

jamesperi opened this issue 5 years ago · 6 comments

So Playing with this and i think i've nailed down a problem with applySessions stub of res.end

You can see in this example = demo

If you change the options argument "autoCommit: false" and reload the page, it will correctly redirect to /foo. But with autoCommit: true (the default) it will just hang..

Jim

Answer 1 · 2020-03-14T18:15:50.000Z

Thanks @jamesperi for reporting the issue. This should be fixed now.

On a side note,

next@>9.3.0 recommends using getServerSideProps instead of getInitialProps

so you should use next-session with getServerSideProps because req and res is only available on the first render in getInitialProps.

Answer 2 · 2020-03-14T19:33:30.000Z

@hoangvvo Thanks for that. Currently I use the apollo HOC described in the with-apollo recipe, which uses getInitialProps, and apparently i cant use both getInitialProps and getServerSideProps together. I'll have to play with seeing if getServerSideProps will play nicely or if I'll have to rethink how to implement Apollo client all together.

Answer 3 · 2020-03-15T00:08:33.000Z

@jamesperi I see. What is your use case for next-session in getInitialProps?

Answer 4 · 2020-03-15T00:22:21.000Z

We use a corporate Cookie based Authentication system. The idea is: on initial hit to your website (any page) if you aren't "authenticated" your server gives a redirect to the browser to the corporate auth login site. Once you've authenticated there, it stuffs a cookie into your browser (which stays in browser for life of session) and you get redirected back to your site. You unencrypt that cookie on the server, and get some stuff back that identifies you (corprate UID, name, phone, email etc). So that info needs to get stored into a server-side session. Any further hits on the server (API calls, or page reloads) will not need to be reauthenticated until it expires, or ya close browser or whatever.

That's the short version anyway :P

Answer 5 · 2020-03-15T17:47:02.000Z

Seeing that you use Apollo GraphQL, I think you can use next-session in API Routes or wherever your Apollo Server (or another GraphQL server) is.

In my setup, I put next-session before Apollo Server so that the session is always available in the resolvers' context.request.session. I think that might be a better option than using next-session in getInitialProps.

Answer 6 · 2020-03-15T17:47:50.000Z

Then I would create a GraphQL query like currentUser which will resolve based on context.request.session