From 4ac5ed4eca16cdb586b42838493474e1cd757fbd Mon Sep 17 00:00:00 2001 From: Julian Cuni Date: Sat, 2 May 2026 18:10:02 +0200 Subject: [PATCH] fix(auth): switch directus sdk to 'session' mode 'cookie' mode keeps the session alive via an in-memory access token that's refreshed from a refresh cookie when the SDK is alive. After a hard reload the SDK has no access token in memory, so /users/me 401s before autoRefresh can kick in (or the refresh cookie's surface doesn't cover plain reads cleanly). Net effect: every reload bounces back to login even when the cookie is still valid. 'session' mode puts the actual session in the cookie. Browser sends it automatically on every request, the SDK doesn't need to manage tokens, and reload survives cleanly because /users/me with the session cookie just works. Reordered .with() calls to match the working pattern from a prior project: rest() before authentication() (cosmetic; SDK accepts either order). --- src/auth/client.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/auth/client.ts b/src/auth/client.ts index 130a43a..5a27f8f 100644 --- a/src/auth/client.ts +++ b/src/auth/client.ts @@ -42,8 +42,8 @@ function toAbsoluteUrl(maybeRelative: string): string { function buildClient(directusUrl: string) { return createDirectus(toAbsoluteUrl(directusUrl)) - .with(authentication('cookie', { credentials: 'include', autoRefresh: true })) - .with(rest({ credentials: 'include' })); + .with(rest({ credentials: 'include' })) + .with(authentication('session', { credentials: 'include' })); } let _client: DirectusClient | null = null;