Handle/Identify (and Cancel) Server Action in Middleware

[Xanacas]

Hi Everyone,
I've implemented my own simple oauth2 logic, that stores a JWT as a cookie and my middleware secures several routes by validating the JWT and redirect to login page, if user is not logged in or JWT is expired.
However, in some situation the use is probably on a protected site with a form- / serveraction and the JWT did expire.
2 Questions:

1. How can I properly determine such a server action sever request in my middleware? Currently I'm looking for Method POST and available formData - but I guess there should be a more precise way to identify all Server Actions in a middleware. At least if they come though through javascript.
2. Lets assume the JWT expired while the authenticated page with the server action remained open in the browser. navigating to a new Page would hit the middleware the normal way and a redirect to /login would be initiated from my middleware. However, ServerActions don't follow the redirect in terms for page navigation. I tried "redirect()" which i can use in routes - which isn't allowed, I tried return NextResponse.json({message: "not authenticated"}, {status: 401}) and I tried throw new Error("not authenticated"). Clientside I looked into the "result" but it remains undefined, nor did I found a way to attach an onError-callback or .catch() to get any kind of details from my middleware, so that I can take action clientside.

[danieltott]

@Xanacas were you able to come up with any solution or workaround? Running into this myself at the moment.

[Xanacas]

As you can see, there is still no official answer, but here is what I did:
I check periodically after inactivity/on tab focus whether the session is still valid. This also improves the user experience, as there is no form submission thrown away, if login expired. Instead if session is expired I open a modal to login. If session is about to expire, I renew it in the background.

[danieltott]

I've been adding a check in my action functions for valid JWT, but your solution seems like a good one to add to that as well. Thanks for the reply!

[gmoniava]

@Xanacas I have a similar issue: https://nextjs-forum.com/post/1393520231846248590