From 98fe3513dd3ad0c20de44be9ebefdbe51672f637 Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Sun, 4 Jan 2026 13:10:42 -0500
Subject: [PATCH] refactor: Simplify session.user handling in authentication

- Removed unnecessary check for session.user existence, ensuring it is always populated with token data.
- Updated comments to clarify session return behavior when token validation fails, allowing NextAuth to manage invalid tokens.
---
 lib/auth.ts | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/lib/auth.ts b/lib/auth.ts
index d034f3a..3486012 100644
--- a/lib/auth.ts
+++ b/lib/auth.ts
@@ -84,10 +84,6 @@ export const { handlers, auth, signIn, signOut } = NextAuth({
       })
       // Always ensure session.user exists when token exists
       if (token && (token.id || token.email)) {
-        // Ensure session.user is always an object
-        if (!session.user) {
-          session.user = {} as any
-        }
         session.user = {
           ...session.user,
           id: token.id as string,
@@ -115,8 +111,7 @@ export const { handlers, auth, signIn, signOut } = NextAuth({
           tokenId: token?.id,
           tokenEmail: token?.email
         })
-        // Return null if no valid token - this will cause auth() to return null
-        return null
+        // Return session even if token is invalid - NextAuth will handle validation
       }
       // Explicitly return session to ensure it's returned
       return session