Hey guys, did the implementation of sessionRequired change in supertokens-node@9.2.0? Even though I had set it to false it now throws a 401 Unauthorized for public routes

return await verifySession({sessionRequired: false})(ctx.req as any, ctx.res as any, next)

Huh.. that’s weird. Nothing has changed regarding this

Mhm, good point, not yet. It was working up until the today.

Can you enable debug logs and show me the output?

I'll try downgrading one minor. It's not a blocking point, I just moved the middleware logic one layer down to my protected routes, now it can actually check with sessionRequired: true, but still I thought it was weird

Add env var like DEBUG=com.supertokens node index.js

One sec

Yes. Cause technically, the session does exist. The user is still logged in

Oooooh

Their refresh token is still valid.

I was supposed to be after a logout, but on local dev, I probably messed up the states or restarts and got stuck

Yeaaaa. That’s possible

I guarded the app with

sessionRecipe.doesSessionExist()

which was false so I was routed to the login page and that's when the error occured

I see. Yea. State is messed up.

Right, if this state cannot happen on prod then I'm fine, I know now how to get out of it

👍