From 3052db790eb7c8872ea718566ab16e37c652660a Mon Sep 17 00:00:00 2001
From: Paul Asjes <paul.asjes@workos.com>
Date: Thu, 21 Nov 2024 23:24:20 +0100
Subject: [PATCH] Redirect if refresh failed (#143)

* Redirect if refresh failed

* version bump

* Put back to 302

* back to 307
---
 package.json   |  2 +-
 src/session.ts | 20 +++++++++++++++-----
 src/workos.ts  |  2 +-
 3 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/package.json b/package.json
index 753540e..41cf3bd 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@workos-inc/authkit-nextjs",
-  "version": "0.16.0",
+  "version": "0.16.1",
   "description": "Authentication and session helpers for using WorkOS & AuthKit with Next.js",
   "sideEffects": false,
   "type": "module",
diff --git a/src/session.ts b/src/session.ts
index a72b363..0f49c3e 100644
--- a/src/session.ts
+++ b/src/session.ts
@@ -160,12 +160,22 @@ async function updateSession(
     return response;
   } catch (e) {
     if (debug) console.log('Failed to refresh. Deleting cookie and redirecting.', e);
-    const response = NextResponse.next({
-      request: { headers: newRequestHeaders },
-    });
-    response.cookies.delete(cookieName);
-    return response;
+
+    nextCookies.delete(cookieName);
   }
+
+  // If we get here, the session is invalid and the user needs to sign in again.
+  // We redirect to the current URL which will trigger the middleware again.
+  // This is outside of the above block because you cannot redirect in Next.js
+  // from inside a try/catch block.
+  return NextResponse?.redirect
+    ? NextResponse.redirect(request.url)
+    : new Response(null, {
+        status: 307,
+        headers: {
+          Location: request.url,
+        },
+      });
 }
 
 async function refreshSession(options: {
diff --git a/src/workos.ts b/src/workos.ts
index 796af93..934a2e9 100644
--- a/src/workos.ts
+++ b/src/workos.ts
@@ -1,7 +1,7 @@
 import { WorkOS } from '@workos-inc/node';
 import { WORKOS_API_HOSTNAME, WORKOS_API_KEY, WORKOS_API_HTTPS, WORKOS_API_PORT } from './env-variables.js';
 
-export const VERSION = '0.16.0';
+export const VERSION = '0.16.1';
 
 const options = {
   apiHostname: WORKOS_API_HOSTNAME,