Skip to content

Commit

Permalink
feat(core): add default cache control headers for GET endpoints
Browse files Browse the repository at this point in the history
  • Loading branch information
@ThangHuuVu
ThangHuuVu committed Feb 8, 2025
1 parent 918a6ac commit 742b826
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 4 deletions.
16 changes: 15 additions & 1 deletion packages/next-auth/src/core/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -166,7 +166,21 @@ export async function AuthHandler<
}
case "csrf":
return {
headers: [{ key: "Content-Type", value: "application/json" }],
headers: [
{ key: "Content-Type", value: "application/json" },
{
key: "Cache-Control",
value: "private, no-cache, no-store",
},
{
key: "Pragma",
value: "no-cache",
},
{
key: "Expires",
value: "0",
},
],
body: { csrfToken: options.csrfToken } as any,
cookies,
}
Expand Down
23 changes: 20 additions & 3 deletions packages/next-auth/src/core/routes/session.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,25 @@ export default async function session(

const response: ResponseInternal<Session | {}> = {
body: {},
headers: [{ key: "Content-Type", value: "application/json" }],
headers: [
{ key: "Content-Type", value: "application/json" },
...(isUpdate
? []
: [
{
key: "Cache-Control",
value: "private, no-cache, no-store",
},
{
key: "Pragma",
value: "no-cache",
},
{
key: "Expires",
value: "0",
},
]),
].filter(Boolean),
cookies: [],
}

Expand Down Expand Up @@ -98,8 +116,7 @@ export default async function session(
} else {
try {
// @ts-expect-error -- adapter is checked to be defined in `init`
const { getSessionAndUser, deleteSession, updateSession } =
adapter
const { getSessionAndUser, deleteSession, updateSession } = adapter
let userAndSession = await getSessionAndUser(sessionToken)

// If session has expired, clean up the database
Expand Down

0 comments on commit 742b826

Please sign in to comment.