SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Sounds good. Just one case is if `getSession` throws a `TRY_REFRESH_TOKEN` error, then you need to send a 401 to the frontend. This can happen if a session exists, but the access token has expired. So your code should change to like:
```
try {
  const existingSession = await Session.getSession(...)
  ...
  return {
    id: data.id,
    ...
  }
} catch {
  if (err.type === Session.Error.TRY_REFRESH_TOKEN) {
    // return 401 to frontend
  } else {
    return InternalServerError(error);
  }
}
```