allow configuring session storage on callback route #22
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR adds support for passing custom session storage and cookie settings to the callback route (authLoader) to prevent cold-start errors in serverless environments, and documents the new options.
- Extend
HandleAuthOptionsto require or forbidstorage/cookietogether. - Update
authLoaderto callconfigureSessionStoragedirectly using providedstorage/cookie. - Add a README section on customizing session storage and advice for serverless deployments.
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| src/interfaces.ts | Changed HandleAuthOptions from an interface to a discriminated union supporting optional custom storage and cookie settings |
| src/authkit-callback-route.ts | Swapped getSessionStorage for configureSessionStorage, destructured storage and cookie, and derived cookieName |
| README.md | Added "Customizing Session Storage" guide with examples and a serverless note |
Comments suppressed due to low confidence (4)
src/interfaces.ts:6
- [nitpick] The type name
HandleAuthOptionsis somewhat generic; consider renaming it toAuthLoaderOptionsto more clearly indicate it configures theauthLoaderfunction.
export type HandleAuthOptions = {
src/authkit-callback-route.ts:12
- Add unit tests for the new
storage/cookiecode path inauthLoaderto verify thatconfigureSessionStorageis called and sessions behave correctly when custom storage is provided.
const { getSession, commitSession } = await configureSessionStorage({ storage, cookieName });
README.md:324
- Clarify that the
cookieoption only overrides the name for the default cookie-based storage; when supplying a customSessionStorage, other cookie properties are ignored byconfigureSessionStorage.
cookie: { name: "auth-session" }
src/interfaces.ts:6
- Ensure that
SessionStorageandSessionIdStorageStrategyare imported at the top of this file; otherwise these types will be undefined and cause a compile error.
export type HandleAuthOptions = {
This PR addresses issue #63 where users deploying to serverless
environments (like AWS Lambda) experience errors in the callback route
during cold starts. The error occurs because the session storage
configuration happens in the root loader, but during cold starts the
callback route might be hit first, resulting in:
```
Error: SessionStorage was never configured. Did you forget to call
configureSessionStorage in your root loader?
```
## Changes
- Updated the `authLoader` function to accept the same `storage` and
`cookie` configuration options that `authkitLoader` already supports
- Modified `HandleAuthOptions` type to support these new configuration
options
- Changed the implementation to use `configureSessionStorage` directly
in the callback route
## How It Works
When a cold start happens in a serverless environment, the callback
route can now configure session storage itself through the same
interface already available in `authkitLoader`. This allows developers
to provide consistent session storage configuration to both routes,
ensuring the application works correctly regardless of which route is
hit first.
## Usage
For applications deployed to serverless environments, you can now use
this pattern:
```typescript
// Create a shared configuration function
function getAuthStorage() {
return {
storage: createCookieSessionStorage({...}),
cookie: { name: "my-session" }
};
}
// In your root loader
export const loader = (args) => authkitLoader(args, {
...getAuthStorage(),
// Other options...
});
// In your callback route
export const loader = authLoader({
...getAuthStorage(),
// Other options...
});
```
This ensures consistent session configuration across routes and prevents
cold start errors.
## README changes
This PR also adds a section describing sessoion storage configuration to
the README, and notes the important case to configure in both laoders
(when custom session storage is used).
Fixes #63.
nicknisi
force-pushed
the
nicknisi/configurable-storage
branch
from
3905ac4 to
e262a71
Compare
|
It would be good if this was released soon so we can complete our migration from remix to react router. 🙏 🥺 |
stacurry
approved these changes
Jun 18, 2025
Contributor
|
@MattyBalaam we just released v0.5.0 which includes these changes. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Note
This is a port of the same functionality from authkit-remix.
This PR addresses issue #63 where users deploying to serverless environments (like AWS Lambda) experience errors in the callback route during cold starts. The error occurs because the session storage configuration happens in the root loader, but during cold starts the callback route might be hit first, resulting in:
Changes
authLoaderfunction to accept the samestorageandcookieconfiguration options thatauthkitLoaderalready supportsHandleAuthOptionstype to support these new configuration optionsconfigureSessionStoragedirectly in the callback routeHow It Works
When a cold start happens in a serverless environment, the callback route can now configure session storage itself through the same interface already available in
authkitLoader. This allows developers to provide consistent session storage configuration to both routes, ensuring the application works correctly regardless of which route is hit first.Usage
For applications deployed to serverless environments, you can now use this pattern:
This ensures consistent session configuration across routes and prevents cold start errors.
README changes
This PR also adds a section describing sessoion storage configuration to the README, and notes the important case to configure in both laoders (when custom session storage is used).