feat(core): add dynamic session maxAge support #13193
Open
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
☕️ Reasoning
This PR introduces dynamic session maxAge support to NextAuth.js, addressing a long-standing limitation where developers couldn't implement "Remember Me" functionality natively.
Problem
NextAuth.js previously only supported static session durations, forcing developers to use complex workarounds for common UX patterns like:
Solution
Allow
session.maxAge
to be a function that returns dynamic values based on user data, roles, or preferences. This enables use cases like:The maxAge can now be:
"session"
for browser session cookiesExample Usage
🧢 Checklist
extending-the-session.mdx
with real-world examples🎫 Affected issues
This PR addresses several community requests for Remember Me functionality:
📌 Resources
Technical Details
Files Changed:
packages/core/src/index.ts
- Enhanced AuthConfig type definitionspackages/core/src/lib/actions/callback/index.ts
- Dynamic maxAge resolution logicpackages/core/src/lib/actions/session.ts
- Session cookie handling for dynamic valuesdocs/pages/guides/extending-the-session.mdx
- User documentation with examplespackages/core/test/actions/session.test.ts
- Comprehensive test suiteBackward Compatibility:
maxAge
configurations work unchangedPerformance: