After deployment, the middleware does not reissue the access token.

[qjrjsel]

hello.

When the current access token expires, middleware.ts reissues the access token and sets it as a cookie.

Currently, the value for the access token is well displayed in the console, and the access token is reissued normally after the first deployment.

It will not be reissued after a certain period of time.

In the local environment, reissues are being carried out consistently.

What's the problem?

- middleware.ts

export async function middleware(request: NextRequest) {
  const response = NextResponse.next();
  const { accessToken, refreshToken } = getTokenValues(request);
  const alreadyRedirected = request.cookies.get('alreadyRedirected')?.value === 'true';

  if (!accessToken && refreshToken && !alreadyRedirected) {
    const newResponse = NextResponse.redirect(request.nextUrl.clone());
    const res = await getNewAccessToken(refreshToken);

    const { newAccessToken } = res;

    console.log('newAcceessToken : ', newAccessToken); // it works well 

    newResponse.cookies.set('accessToken', newAccessToken, TOKEN_COOKIE_CONFIG.access_token);
    newResponse.cookies.set('alreadyRedirected', 'true', {
      path: '/',
      expires: Date.now() + 60 * 1000,
    });

    return newResponse;
  }

  if (alreadyRedirected) {
    response.cookies.delete('alreadyRedirected');
  }

  return response;
}

export const config = {
  matcher: ['/', '/((?!api|_next/static|_next/image|favicon.ico).*)'],
};

alreadyRedirected If this cookie does not exist, an "ERROR TOO MANY REDIRECTS" error occurs, so I created this cookie.

Also, if a cookie was created in the existing response, the access token cookie creation did not work properly, so a new response was created through redirect.

const newResponse = NextResponse.redirect(request.nextUrl.clone());

Also, if a cookie was created in the existing response, the access token cookie creation did not work properly, so a new response was created through redirect.

The problem is that after adding console logging and redeploying and operating again, cookies are injected normally.

If I try to operate it again after some time has passed, the access token does not work properly.

It works consistently well in the local environment.

[qjrjsel]

please... 🥲

[VogelVlug]

I believe I am experiencing the same issue as you do, but my middleware simply does not run on production, so it also wont ever re-issue the access token. See my question, that I've asked here: #62283

Unfortunately there was no answer so far either 🥲