nuxt-auth: Chunking session cookies throws errors on decode and logs user out

Environment

Operating System: Darwin
Node Version: v18.14.2
Nuxt Version: 3.3.1
Nitro Version: 2.3.1
Package Manager: npm@9.5.0
Builder: vite
User Config: extends, srcDir, runtimeConfig, app, imports, typescript, css, modules, tailwindcss
Runtime Modules: @nuxtjs/tailwindcss@6.6.0
Build Modules: -

Reproduction

Try to return this user including tokens from the authenticate method in the credentialsprovider:

const largeToken = {
  name: "Pablo Diego José Francisco de Paula Juan Nepomuceno María de los Remedios Cipriano de la Santísima Trinidad Ruiz y Picasso",
  email: "pablodiegojose@picasso.net",
  id: "2a7d1072-f292-4343-824d-65058202b618esfsefesfesfse2fsef",
  picture: "http://placekitten.com/400/200",
  initials: "PDJFDPJNM",
  tokens: {
    accessToken:
      "https://jwt.io/#debugger-io?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJ0ZXN0MSI6IkhlbGxvIHdvcmxkIiwiZG91Z2xhcyI6eyJxdW90ZSI6IkZvciBpbnN0YW5jZSwgb24gdGhlIHBsYW5ldCBFYXJ0aCwgbWFuIGhhZCBhbHdheXMgYXNzdW1lZCB0aGF0IGhlIHdhcyBtb3JlIGludGVsbGlnZW50IHRoYW4gZG9scGhpbnMgYmVjYXVzZSBoZSBoYWQgYWNoaWV2ZWQgc28gbXVjaOKAlHRoZSB3aGVlbCwgTmV3IFlvcmssIHdhcnMgYW5kIHNvIG9u4oCUd2hpbHN0IGFsbCB0aGUgZG9scGhpbnMgaGFkIGV2ZXIgZG9uZSB3YXMgbXVjayBhYm91dCBpbiB0aGUgd2F0ZXIgaGF2aW5nIGEgZ29vZCB0aW1lLiBCdXQgY29udmVyc2VseSwgdGhlIGRvbHBoaW5zIGhhZCBhbHdheXMgYmVsaWV2ZWQgdGhhdCB0aGV5IHdlcmUgZmFyIG1vcmUgaW50ZWxsaWdlbnQgdGhhbiBtYW7igJRmb3IgcHJlY2lzZWx5IHRoZSBzYW1lIHJlYXNvbnMuIiwicXVvdGUyIjoi4oCcVGhlcmUgaXMgYSB0aGVvcnkgd2hpY2ggc3RhdGVzIHRoYXQgaWYgZXZlciBhbnlvbmUgZGlzY292ZXJzIGV4YWN0bHkgd2hhdCB0aGUgVW5pdmVyc2UgaXMgZm9yIGFuZCB3aHkgaXQgaXMgaGVyZSwgaXQgd2lsbCBpbnN0YW50bHkgZGlzYXBwZWFyIGFuZCBiZSByZXBsYWNlZCBieSBzb21ldGhpbmcgZXZlbiBtb3JlIGJpemFycmUgYW5kIGluZXhwbGljYWJsZS4iLCJxdW90ZTMiOiJUaGVyZSBpcyBhbm90aGVyIHRoZW9yeSB3aGljaCBzdGF0ZXMgdGhhdCB0aGlzIGhhcyBhbHJlYWR5IGhhcHBlbmVkLiJ9LCJ0ZXN0dXNlciI6eyJpZCI6MSwiZmlyc3RfbmFtZSI6IkFhcm9uIiwibGFzdF9uYW1lIjoiTnV0bGV5IiwiZW1haWwiOiJhbnV0bGV5MEBldXJvcGEuZXUiLCJnZW5kZXIiOiJNYWxlIiwiaXBfYWRkcmVzcyI6IjMzLjE2OS4zMy4yMTgifSwidGVzdHVzZXIyIjp7ImlkIjoyLCJmaXJzdF9uYW1lIjoiTWFyaW4iLCJsYXN0X25hbWUiOiJNYXR5c2lrIiwiZW1haWwiOiJtbWF0eXNpazFAdXNhdG9kYXkuY29tIiwiZ2VuZGVyIjoiRmVtYWxlIiwiaXBfYWRkcmVzcyI6IjE2LjEzMy42OS4xMzkifX0.mJUaFtoUfZ5qIgTRbcB4cLGDi15HFojQKZg5I1h6yRg",
    accessExpiraton: 1679309043,
    refreshToken:
      "https://jwt.io/#debugger-io?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJ0ZXN0MSI6IkhlbGxvIHdvcmxkIiwiZG91Z2xhcyI6eyJxdW90ZSI6IkZvciBpbnN0YW5jZSwgb24gdGhlIHBsYW5ldCBFYXJ0aCwgbWFuIGhhZCBhbHdheXMgYXNzdW1lZCB0aGF0IGhlIHdhcyBtb3JlIGludGVsbGlnZW50IHRoYW4gZG9scGhpbnMgYmVjYXVzZSBoZSBoYWQgYWNoaWV2ZWQgc28gbXVjaOKAlHRoZSB3aGVlbCwgTmV3IFlvcmssIHdhcnMgYW5kIHNvIG9u4oCUd2hpbHN0IGFsbCB0aGUgZG9scGhpbnMgaGFkIGV2ZXIgZG9uZSB3YXMgbXVjayBhYm91dCBpbiB0aGUgd2F0ZXIgaGF2aW5nIGEgZ29vZCB0aW1lLiBCdXQgY29udmVyc2VseSwgdGhlIGRvbHBoaW5zIGhhZCBhbHdheXMgYmVsaWV2ZWQgdGhhdCB0aGV5IHdlcmUgZmFyIG1vcmUgaW50ZWxsaWdlbnQgdGhhbiBtYW7igJRmb3IgcHJlY2lzZWx5IHRoZSBzYW1lIHJlYXNvbnMuIiwicXVvdGUyIjoi4oCcVGhlcmUgaXMgYSB0aGVvcnkgd2hpY2ggc3RhdGVzIHRoYXQgaWYgZXZlciBhbnlvbmUgZGlzY292ZXJzIGV4YWN0bHkgd2hhdCB0aGUgVW5pdmVyc2UgaXMgZm9yIGFuZCB3aHkgaXQgaXMgaGVyZSwgaXQgd2lsbCBpbnN0YW50bHkgZGlzYXBwZWFyIGFuZCBiZSByZXBsYWNlZCBieSBzb21ldGhpbmcgZXZlbiBtb3JlIGJpemFycmUgYW5kIGluZXhwbGljYWJsZS4iLCJxdW90ZTMiOiJUaGVyZSBpcyBhbm90aGVyIHRoZW9yeSB3aGljaCBzdGF0ZXMgdGhhdCB0aGlzIGhhcyBhbHJlYWR5IGhhcHBlbmVkLiJ9LCJ0ZXN0dXNlciI6eyJpZCI6MSwiZmlyc3RfbmFtZSI6IkFhcm9uIiwibGFzdF9uYW1lIjoiTnV0bGV5IiwiZW1haWwiOiJhbnV0bGV5MEBldXJvcGEuZXUiLCJnZW5kZXIiOiJNYWxlIiwiaXBfYWRkcmVzcyI6IjMzLjE2OS4zMy4yMTgifSwidGVzdHVzZXIyIjp7ImlkIjoyLCJmaXJzdF9uYW1lIjoiTWFyaW4iLCJsYXN0X25hbWUiOiJNYXR5c2lrIiwiZW1haWwiOiJtbWF0eXNpazFAdXNhdG9kYXkuY29tIiwiZ2VuZGVyIjoiRmVtYWxlIiwiaXBfYWRkcmVzcyI6IjE2LjEzMy42OS4xMzkifX0.mJUaFtoUfZ5qIgTRbcB4cLGDi15HFojQKZg5I1h6yRg",
    refreshExpiraton: 1679910247,
  },
};

You can find an edited version of the auth handler in my example repo, though @sidebase/nuxt-auth does not seem to run on codesandbox.

Describe the bug

When generating a JWT that is bigger than 4096 bytes, the next-auth core module will chunk your cookies. That way, you’ll end up with 2 session tokens.

next-auth.session-token.0 next-auth.session-token.1

Initial login seems to work fine, and I can see I’m logged in.

However, when I reload the page I get an error in my console and my session cookies get removed automatically. Sometimes I need to reload a couple of times to trigger this. Sometimes it’s immediate.

Additional context

This error does not happen with session cookies under the 4096 bytes limit.
I can reproduce by generating a large token.

Logs

When logging in or reloading the page:



[next-auth][debug][CHUNKING_SESSION_COOKIE] {                                                                                                                   11:28:41
  message: 'Session cookie exceeds allowed 4096 bytes.',
  emptyCookieSize: 163,
  valueSize: 4729,
  chunks: [ 4096, 959 ]
}

When hammering a page reload and it logs me out:

[next-auth][error][JWT_SESSION_ERROR]                                                                                                                           11:28:41
https://next-auth.js.org/errors#jwt_session_error JWE Initialization Vector missing or incorrect type {
  message: 'JWE Initialization Vector missing or incorrect type',
  stack: 'JWEInvalid: JWE Initialization Vector missing or incorrect type\n' +
    '    at flattenedDecrypt (/Users/jan.hoogeveen/Projects/demo-app/node_modules/jose/dist/node/cjs/jwe/flattened/decrypt.js:24:15)\n' +
    '    at compactDecrypt (/Users/jan.hoogeveen/Projects/demo-app/node_modules/jose/dist/node/cjs/jwe/compact/decrypt.js:18:63)\n' +
    '    at jwtDecrypt (/Users/jan.hoogeveen/Projects/demo-app/node_modules/jose/dist/node/cjs/jwt/decrypt.js:8:61)\n' +
    '    at Object.decode (/Users/jan.hoogeveen/Projects/demo-app/node_modules/next-auth/jwt/index.js:64:34)\n' +
    '    at async Object.session (/Users/jan.hoogeveen/Projects/demo-app/node_modules/next-auth/core/routes/session.js:41:28)\n' +
    '    at async AuthHandler (/Users/jan.hoogeveen/Projects/demo-app/node_modules/next-auth/core/index.js:158:27)\n' +
    '    at async file:///Users/jan.hoogeveen/Projects/demo-app/.nuxt/dev/index.mjs:540:24\n' +
    '    at async Object.handler (file:///Users/jan.hoogeveen/Projects/demo-app/node_modules/h3/dist/index.mjs:1212:19)\n' +
    '    at async toNodeHandle (file:///Users/jan.hoogeveen/Projects/demo-app/node_modules/h3/dist/index.mjs:1287:7)\n' +
    '    at async ufetch (file:///Users/jan.hoogeveen/Projects/demo-app/node_modules/unenv/runtime/fetch/index.mjs:9:17)',
  name: 'JWEInvalid'
}
[next-auth][error][JWT_SESSION_ERROR]                                                                                                                           11:28:41
https://next-auth.js.org/errors#jwt_session_error Invalid Compact JWE {
  message: 'Invalid Compact JWE',
  stack: 'JWEInvalid: Invalid Compact JWE\n' +
    '    at compactDecrypt (/Users/jan.hoogeveen/Projects/demo-app/node_modules/jose/dist/node/cjs/jwe/compact/decrypt.js:16:15)\n' +
    '    at jwtDecrypt (/Users/jan.hoogeveen/Projects/demo-app/node_modules/jose/dist/node/cjs/jwt/decrypt.js:8:61)\n' +
    '    at Object.decode (/Users/jan.hoogeveen/Projects/demo-app/node_modules/next-auth/jwt/index.js:64:34)\n' +
    '    at async Object.session (/Users/jan.hoogeveen/Projects/demo-app/node_modules/next-auth/core/routes/session.js:41:28)\n' +
    '    at async AuthHandler (/Users/jan.hoogeveen/Projects/demo-app/node_modules/next-auth/core/index.js:158:27)\n' +
    '    at async file:///Users/jan.hoogeveen/Projects/demo-app/.nuxt/dev/index.mjs:540:24\n' +
    '    at async Object.handler (file:///Users/jan.hoogeveen/Projects/demo-app/node_modules/h3/dist/index.mjs:1212:19)\n' +
    '    at async toNodeHandle (file:///Users/jan.hoogeveen/Projects/demo-app/node_modules/h3/dist/index.mjs:1287:7)\n' +
    '    at async ufetch (file:///Users/jan.hoogeveen/Projects/demo-app/node_modules/unenv/runtime/fetch/index.mjs:9:17)\n' +
    '    at async $fetchRaw2 (file:///Users/jan.hoogeveen/Projects/demo-app/node_modules/ofetch/dist/shared/ofetch.502a4799.mjs:180:24)',
  name: 'JWEInvalid'
}

About this issue

Original URL
State: closed
Created a year ago
Reactions: 6
Comments: 40 (6 by maintainers)

Most upvoted comments

PR to resolve this has been submitted - Please give it a thumbs up to get it moved along. @BracketJohn I guess it’ll need to be pulled in once it’s merged.

kilakewe on Jun 5, 2023

What if making the return value of the jwt callback not possible? I need to keep the access_token around (to make API requests to our own backend), the refresh_token (to enable token rotation) and certain user information.

All of this is of cause not needed in the session itself and the information are filtered properly (in the session callback), but as the return value of the jwt callback is encrypted and the token is used to populate the session, i cannot reduce these information.

th3l0g4n on Nov 30, 2023

Looks like it was fixed on https://github.com/nextauthjs/next-auth/releases/tag/next-auth%404.23.0 but upgrading to this version seems to break nuxt-auth

dvh91 on Aug 27, 2023

What if making the return value of the jwt callback not possible? I need to keep the access_token around (to make API requests to our own backend), the refresh_token (to enable token rotation) and certain user information.

All of this is of cause not needed in the session itself and the information are filtered properly (in the session callback), but as the return value of the jwt callback is encrypted and the token is used to populate the session, i cannot reduce these information.

I have the exact same use case as I’m trying to implement a token refresh logic for my Cognito user pools. I need to be able to store the access and refresh tokens in the token property—not necessarily to pass them to the front end but simply to persist them throughout the session and refresh the token when needed.

Any ideas?

imduchy on Dec 3, 2023

OK, so I was convinced that next-auth had this fix in, having seen the PR and commit being merged.

My tests this morning must have just gotten the cookie chunks in order every time correctly which led me to believe that the issue was fixed.

The module is now not working as expected on my end again.

I’ve checked-out next-auth@4.22.3 and for some reason the fix seems to have been rolled back, so therefor the above PR doesn’t fix the issue.

codetheorist on Jul 20, 2023

Any update/workaround for the issue?

I’m using

"@sidebase/nuxt-auth": "0.7.1",

joaltoroc on Apr 16, 2024

I’d like to know too, this issue needs to be fixed.

tnld on Aug 4, 2023

@christine927t not sure sorry, I’m not a part of the next-auth team, just a contributor out in the wild.

kilakewe on Jun 7, 2023

Thanks for taking time to look into this - I really appreaciate it!

As it’s realted to really low-level cookie ordering, this is likely either (1) or (2), as nuxt-auth does not touch cookies,it relies on next-auth and nuxt setting / unsetting them. So I’d propose to go into next-auth with a minimal reproduction -> best would probably be a native next-auth/auth.js reproduction as I don’t want @balazsorban44 to come under pressure to look into the code of nuxt-auth -> it’s our job not his.

Having a next-auth reproduction would also improve the reliability of this analysis: It would show that it is definitely not related to nuxt or nuxt-auth!

https://github.com/nextauthjs/next-auth/pull/5398 is probably already a good lead, great find!

Btw: You could re-try with the latest supported next-auth version just for fun to see if maybe they’ve (accidentally) solved the problem.

BracketJohn on Apr 15, 2023

@BracketJohn I understand. I’ll see how far I can get on my own, or with the help of @kilakewe.

The first login works well. That we know. At a page reload, there’s a chance the cookies work well or they get rejected as invalid

Based on this, I had a theory that the order of the cookies, or the chunks, was not guaranteed.

I’ve been logging the chunks that are used in next-auth/core/lib/cookies.js

Logs from first login (valid, working tokens)

Getting value of chunks                                                                                                                                         14:33:27
{                                                                                                                                                               14:33:27
  'next-auth.session-token.0': 'eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0..S5HBPKlkZoasR4WC.B3ILaT0kwvgmIydLp60T-BaLkSTolqxCJHqxAQWdsCiO_-nvRc3z_niAYvHrPH1iciGlliEKgVj_UGLpbIDVgR8DGHirsMz2J6aPWwxjI1evht4vsQm6bBsGzJu43w88i6xDKRAqQK-zP15MYoNczlf9tAaeVagu7jPTRhUnQOVa3OsHDwc9K_CETpPdJMkcXiHa2yfxFGOa0LtP0ONPqaickrv9IzUPf2_64CEOL7QHqeFoTy-XuLtISh5IHd45ElVZr-hCZ9Qf0LiLX-nOAkgDY0G-1LJ29YGWTzfGeWNkN3UHWEqP6rBQ7ZfT59DSkWXHw_CErEl2stFzXBcWhLoqwhmFGC5B_JydZ9VHRjRIBeQdFXct2ebGgGJEyWNgUNv-4MK0w7FGK5ivwNRyJAhf9lTZngmP2z1EqIE_XSG3lrLBFPNnEHAJ08wCxFIpP14gSjyhYGPI_IXJ1RPQG9c23-TXscuF5_yO152Sa_rSIA8on0JgjHPsvg10Uk1ucUA7Uu2LZEmsLF5jmwf61lz10NW2LTqW3xUNfLcIPSccPyocycc1WI70s35TWulwSVDxgwwEEmE2ht2vb92d2WrBoAsxS7xcE0ygqx0itYIruN5RbmeMrQ6_-GhuDEpgl8-c0fG2TpWMWGQxd5idagXnCq9KhV37LmDjVregWAdKglPnZ5nXdELa-Sh5-b9YFPYg441Px0YmN-CNWIpUoHnYwojosVsADlKWFrMiCXHUDNWLNmKlXAK-A62F6QPJI01E0buJrvQU-XMf8bWtC3ZEQSo8hmbjx54dEmX8fnL20mtqgOXO5t76aOKg-s3ggpdgF09DuqDRzpUPZrriJJXQzg1ur0Ue0VtvULvW68tTtUQJmQTxhzRwTTqhhi6qzzEypQBgqgQpK162m7pWnCAwzfUm14Jq3XVTN45NGknxSCJ9z5CApHMsaH5SV2xqAj6-QIOK9d-rhvsqSSJ50hMmNxI47ILyaMtoaTmNqwdWF_cWFy5-3X5nickICRsLac11fypO4oDFYR0Ozyqj87MC1kD5R77rIehHepQFOu6y5Xbe21axnV_ejUrAkmXAorJsWmDPIOj7uzIdjFGQAMK6Pobzytlt4zQGiVyzfyYuucf_oxv80v2qya6GJgN9mvsGY_tpyV2wMmE3BQ7JhFxF0WHnVcl8gWeIIngBdsKJJzLqvsVhXo4CUrffQg9SdISVZmQF0oIcftp9D-uJVHNyoYbiuaRma46D3gB3SGMGnjbcdWj6SmUkRvP-q7Nwj2jGhjorUdR4bf3X3KaBWXu9D6mfH4JMvCmY4a-fOczQyTg9TBv8sHM4-xlTDr1OTMaxxINKbgI92LEPFDmhmq6od8uvJqHj1fiMs86mNT7GdRq7K5KTjW7gRJTIM3YVMr_4I43c4tIpQW_OS1hd7lxzkebqq13uK5Xb_5K-f7zgOeobdmRyP63Yk5xNnlYZ47Z2XI2Ac2GDll5fZgEnVRH0oKdZwmstOwCLB8gFnCFvehKkTnmVu2fU16mi4WZOq62qJc0yq387BiaJez4NKjCXnHhdniXArUyUwwb-Y-WJmK-IEcO0QefDTUJNYo0rSTJVOotWNeisdSAQ3Zn3ZKF5n2AVzBQIyNZplepbMEimnRfIDVA7NK2a_PRQQCZ7cK2GV-G297oQm6IXhYx3T9ivXW_biX06-HoElgpr-qAj4HuS3xM2tE93cYPNj0yIsAha5-er7ZmEcjgut_nc_QIezYAt7umpBfODTnORJ-e9v6dRC4aI_dgmV8tsPvFdRC7k-VUht7ib7XAyD8lgf08Jgh82Qa9thv0H-XAFsdyQlGTLehY49ZA83vFmTf1TVt4Uljkr4ff0WAJ2G-lu3R9SjsE3BbxJW9UntvFoPwPVW7IC9tJntK73pOBJHWNb5ELk-gyZOzmjYQsNOr0xFkS_cA_QgxlIzxwxgexYPrS32-dNWRzgtSP_6Xyg_P1-TdOV5zuROxkX_CNb6B2e8v9GRfF-_T80zDXpIU4F8IDNahUI92My24MYBGBDMsZyJzXdyBswDelQBOS88leBf2GPQojjKCe0pZDdNwp9np2_JuLg-GgMENo4Y6Nl8HVCQtiKE1jnUwyVHb4wkc6Yjh-KnzQl24MpRXDSAjKhCWFUf0iqnKT4Wia3AWjBPmD2aT4cZEtS2em0PiP2h_sTGuD-yyvPaM77kiqoD3VOwD8ZduzpwUYbhY91B6Cm0Mh5uIHiDzFLvnzOjekceHOtQVXnBfL156EWhN_icoZIZW1s9Wdu9dMQTLuGfFFQ4x4uq54lQIqm9sf1l9hx0qa1y1D42a2FpuKMqfrQLq2s3Ojfy6H8DhmyhQG_BQbEh8Y95pnTnfWxbWIFDACP1zgbAwN8QbpTUSOGbMf-ZeqkikEVFTxCggIh8mJ4hiLgiuulTMT3TkG7EyAcWndv5H6i_EFmmfE8ITvcqnaf7jj-d0y8HEZBAXIY5VhU2phCLhJQIfLN-AXzAnr_Xqv9tLwbC1rbu7c2acxAo6NTUcUS8yB8TESmYlIK3N2M9dILEGxSSiNm18WoMqX0UDmOqNqOvLEUPhHv837R6KOGlUJrVFdocsBm5ZdhqzF-1gdEnYl8aQsK5AJnnVtEtkfVz6QclVgBkuUI-YCRhyK8whBF1BUCz3pxrMoAXO8wrvCboUtNcLOd8xbX3Ad3vXHZWR_mJa8tW7XWdRAlIE7aqCqX8Gpkn5UESnenNg6qccQQiWq5hJhuHokgufaE83WzzuFtOS9jrBxLpyd5kUupeTOkjL6G-W-zxhNzK7YgYQBdGS7n1j4lKC5eKm5yOSEuA-ZYw5CjrU_UIW6lvDZrP3MszRZ2VjBfwHgI_ENmXBE4N0H3MRYOf2ujgVPpa_DmTf8cK3zuk_n1iGcRuHXKHtuQreq4K27HsLTLjvY7sQ_Ar3onzm7-Tj_cOPEwJfAxPZS1D2MNDGa6jPQqNpjIlOTMzzSwxppSgntYdQUdf-4sSOYM_2lh1B3ydX8ukxvKVrXvGzwjTwScm3HH53otjxuyYDATKWbqH0TtyRM_e-X5GWSv84MG8RcXpYKDdBUGQ3D5k90fTmvxZET3lT28eK5voLEK1IwbqUvy9R-b7wAtrOUeqaLcvos4nVHBkQQmkRtzNqNCtxrbXK0fCOO57Fh7Xe06omSpFuYAf_tRkMAFBi-kgSwo5wtbCuL0Scsj5tNxHLJJeDTCTM7J1W3IfqrMzEU2FEXngzKtjMw2YthAn0Q-p6IXe4CkMvYel9uPDXYJPs920bNzTH96BBVjr7zAZ7oHfF2FhmVAF1W6Zt0kC4nHlLpU8FQbymvZcDuGG0QxrqZdkLEqTHHYtqpcsYOa4mNd0z11NRiId66SIUnVwX4guvRl04WOP85OQirPI-uh67_rgyoo1lHr3UPD1wBDXVv7crP9x19w41TjAAFdKTbP47Nv-T450agIVf3ShAL8gScNUvjUtESljaBEKABcF46T4YoRvlEegQ4S4jlrFSFDdFrjQWTSOsbNWw1gGVkelRQJUUvBynHh80Q0u5Kfli3rPU9iVd6K5o_0DG25cpLKhPi1cNiuLtHTOdo3lqec6ImK1n8GKOlzQT-q07MtOCaRbqvKbXRAoMoJhxcyBMT73yBLf0uN1r13zheAYuPuyIHxFdBTq-uz-CV98zBMqClsUxwlZuZ7P6iOJK1k5ORjHJgVDYpWIYvRzbjbtqG2N-Q9Xlxnha5yqHKZEslwhSpCkz63TgtfBOsqnbUQfdt25Mu54JHTpn3fWdLCTLKp5bpEPAKHqiMOTLr3SaOVpIrUoUtWlWl1azlVZNwpa4HFJypxw3VVwfJCq8NC9peo-ohsZtNlUjZzEt2',
  'next-auth.session-token.1': 'Vqy5eJz2jz2Tgh41OBkGlWdoMvqoYyzSZZbBSJ2xnUBMr5Y-YX6d6mMA5_fgOQOUfNLEfVja8BoEE7BPYOhnsOQZeYSpaeNin4kTqKN2fxYaPTRrDyUyzcNQpaHh1mG4rYyIq2KtjB8O2gNDVgH6lJGz-xyPN5U_2yW6ze6PA77Qw44KBZKsDFMMGCBr5bbW0HkDrtrT0b55wqY_7aCKxIICq-eO3NofI9-WLZ_jqLUNXiBAr8IWBCs_2248BSb6Ycpk359EfiO7nJ9sJlYcvsT4SV887ljUu6vUyFefkUVDh14SyohXSUg9qZf0JD-jQvZrnABZ4dDVwn4ESVXwsdKGpFDSjZblQ3Vk4RMi39HCubE_Mu9o8a-HKEodj3nJSVetc1R5QdbL3ONmMzQ-mv2WK4rhGOPI3e0hf7qktFxBpicyRxMdpRmZchXcHqRpf7ATnClELvJhAuTqJzRUe5EPdcgEaA-8c8KHdg-w0Uknarrf-kmKc3uckUuWLwVol88FXQ1-M0i_LpkDlzAGrDu-mqX8QFWtnk10xSQafI7dqtna8FEFysktNX6B1HPq3a9RtVR6iXTTQef-vAg5GsUaY8qI2AxI_bHAuO8osZg7PDa9z0W136ICNWr8e4L5x5jS9o0ezyy4Ahy1Cqrap-kWVGjr6FOy9A9WKcBVUAmi1uoNyc3AAa8IAxLvWIHqHqVMtN6qmpGthp8C6_5QmblDz4iD7fIN_av7CVDGiK2ZCXrbKWOUe30WwKFwJOF7nG-MeFGueoYZbwtyZA9HEbniohaKpfXUkGr0UYW-H4bb6c67DMpVDkluB2zMgQvAStZI8PPk92jrSQA.v8f6RrA_kxD_4w09R4pHTw'
}
Returning values of chunks                                                                                                                                      14:33:27
{                                                                                                                                                               14:33:27
  values: [
    'eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0..S5HBPKlkZoasR4WC.B3ILaT0kwvgmIydLp60T-BaLkSTolqxCJHqxAQWdsCiO_-nvRc3z_niAYvHrPH1iciGlliEKgVj_UGLpbIDVgR8DGHirsMz2J6aPWwxjI1evht4vsQm6bBsGzJu43w88i6xDKRAqQK-zP15MYoNczlf9tAaeVagu7jPTRhUnQOVa3OsHDwc9K_CETpPdJMkcXiHa2yfxFGOa0LtP0ONPqaickrv9IzUPf2_64CEOL7QHqeFoTy-XuLtISh5IHd45ElVZr-hCZ9Qf0LiLX-nOAkgDY0G-1LJ29YGWTzfGeWNkN3UHWEqP6rBQ7ZfT59DSkWXHw_CErEl2stFzXBcWhLoqwhmFGC5B_JydZ9VHRjRIBeQdFXct2ebGgGJEyWNgUNv-4MK0w7FGK5ivwNRyJAhf9lTZngmP2z1EqIE_XSG3lrLBFPNnEHAJ08wCxFIpP14gSjyhYGPI_IXJ1RPQG9c23-TXscuF5_yO152Sa_rSIA8on0JgjHPsvg10Uk1ucUA7Uu2LZEmsLF5jmwf61lz10NW2LTqW3xUNfLcIPSccPyocycc1WI70s35TWulwSVDxgwwEEmE2ht2vb92d2WrBoAsxS7xcE0ygqx0itYIruN5RbmeMrQ6_-GhuDEpgl8-c0fG2TpWMWGQxd5idagXnCq9KhV37LmDjVregWAdKglPnZ5nXdELa-Sh5-b9YFPYg441Px0YmN-CNWIpUoHnYwojosVsADlKWFrMiCXHUDNWLNmKlXAK-A62F6QPJI01E0buJrvQU-XMf8bWtC3ZEQSo8hmbjx54dEmX8fnL20mtqgOXO5t76aOKg-s3ggpdgF09DuqDRzpUPZrriJJXQzg1ur0Ue0VtvULvW68tTtUQJmQTxhzRwTTqhhi6qzzEypQBgqgQpK162m7pWnCAwzfUm14Jq3XVTN45NGknxSCJ9z5CApHMsaH5SV2xqAj6-QIOK9d-rhvsqSSJ50hMmNxI47ILyaMtoaTmNqwdWF_cWFy5-3X5nickICRsLac11fypO4oDFYR0Ozyqj87MC1kD5R77rIehHepQFOu6y5Xbe21axnV_ejUrAkmXAorJsWmDPIOj7uzIdjFGQAMK6Pobzytlt4zQGiVyzfyYuucf_oxv80v2qya6GJgN9mvsGY_tpyV2wMmE3BQ7JhFxF0WHnVcl8gWeIIngBdsKJJzLqvsVhXo4CUrffQg9SdISVZmQF0oIcftp9D-uJVHNyoYbiuaRma46D3gB3SGMGnjbcdWj6SmUkRvP-q7Nwj2jGhjorUdR4bf3X3KaBWXu9D6mfH4JMvCmY4a-fOczQyTg9TBv8sHM4-xlTDr1OTMaxxINKbgI92LEPFDmhmq6od8uvJqHj1fiMs86mNT7GdRq7K5KTjW7gRJTIM3YVMr_4I43c4tIpQW_OS1hd7lxzkebqq13uK5Xb_5K-f7zgOeobdmRyP63Yk5xNnlYZ47Z2XI2Ac2GDll5fZgEnVRH0oKdZwmstOwCLB8gFnCFvehKkTnmVu2fU16mi4WZOq62qJc0yq387BiaJez4NKjCXnHhdniXArUyUwwb-Y-WJmK-IEcO0QefDTUJNYo0rSTJVOotWNeisdSAQ3Zn3ZKF5n2AVzBQIyNZplepbMEimnRfIDVA7NK2a_PRQQCZ7cK2GV-G297oQm6IXhYx3T9ivXW_biX06-HoElgpr-qAj4HuS3xM2tE93cYPNj0yIsAha5-er7ZmEcjgut_nc_QIezYAt7umpBfODTnORJ-e9v6dRC4aI_dgmV8tsPvFdRC7k-VUht7ib7XAyD8lgf08Jgh82Qa9thv0H-XAFsdyQlGTLehY49ZA83vFmTf1TVt4Uljkr4ff0WAJ2G-lu3R9SjsE3BbxJW9UntvFoPwPVW7IC9tJntK73pOBJHWNb5ELk-gyZOzmjYQsNOr0xFkS_cA_QgxlIzxwxgexYPrS32-dNWRzgtSP_6Xyg_P1-TdOV5zuROxkX_CNb6B2e8v9GRfF-_T80zDXpIU4F8IDNahUI92My24MYBGBDMsZyJzXdyBswDelQBOS88leBf2GPQojjKCe0pZDdNwp9np2_JuLg-GgMENo4Y6Nl8HVCQtiKE1jnUwyVHb4wkc6Yjh-KnzQl24MpRXDSAjKhCWFUf0iqnKT4Wia3AWjBPmD2aT4cZEtS2em0PiP2h_sTGuD-yyvPaM77kiqoD3VOwD8ZduzpwUYbhY91B6Cm0Mh5uIHiDzFLvnzOjekceHOtQVXnBfL156EWhN_icoZIZW1s9Wdu9dMQTLuGfFFQ4x4uq54lQIqm9sf1l9hx0qa1y1D42a2FpuKMqfrQLq2s3Ojfy6H8DhmyhQG_BQbEh8Y95pnTnfWxbWIFDACP1zgbAwN8QbpTUSOGbMf-ZeqkikEVFTxCggIh8mJ4hiLgiuulTMT3TkG7EyAcWndv5H6i_EFmmfE8ITvcqnaf7jj-d0y8HEZBAXIY5VhU2phCLhJQIfLN-AXzAnr_Xqv9tLwbC1rbu7c2acxAo6NTUcUS8yB8TESmYlIK3N2M9dILEGxSSiNm18WoMqX0UDmOqNqOvLEUPhHv837R6KOGlUJrVFdocsBm5ZdhqzF-1gdEnYl8aQsK5AJnnVtEtkfVz6QclVgBkuUI-YCRhyK8whBF1BUCz3pxrMoAXO8wrvCboUtNcLOd8xbX3Ad3vXHZWR_mJa8tW7XWdRAlIE7aqCqX8Gpkn5UESnenNg6qccQQiWq5hJhuHokgufaE83WzzuFtOS9jrBxLpyd5kUupeTOkjL6G-W-zxhNzK7YgYQBdGS7n1j4lKC5eKm5yOSEuA-ZYw5CjrU_UIW6lvDZrP3MszRZ2VjBfwHgI_ENmXBE4N0H3MRYOf2ujgVPpa_DmTf8cK3zuk_n1iGcRuHXKHtuQreq4K27HsLTLjvY7sQ_Ar3onzm7-Tj_cOPEwJfAxPZS1D2MNDGa6jPQqNpjIlOTMzzSwxppSgntYdQUdf-4sSOYM_2lh1B3ydX8ukxvKVrXvGzwjTwScm3HH53otjxuyYDATKWbqH0TtyRM_e-X5GWSv84MG8RcXpYKDdBUGQ3D5k90fTmvxZET3lT28eK5voLEK1IwbqUvy9R-b7wAtrOUeqaLcvos4nVHBkQQmkRtzNqNCtxrbXK0fCOO57Fh7Xe06omSpFuYAf_tRkMAFBi-kgSwo5wtbCuL0Scsj5tNxHLJJeDTCTM7J1W3IfqrMzEU2FEXngzKtjMw2YthAn0Q-p6IXe4CkMvYel9uPDXYJPs920bNzTH96BBVjr7zAZ7oHfF2FhmVAF1W6Zt0kC4nHlLpU8FQbymvZcDuGG0QxrqZdkLEqTHHYtqpcsYOa4mNd0z11NRiId66SIUnVwX4guvRl04WOP85OQirPI-uh67_rgyoo1lHr3UPD1wBDXVv7crP9x19w41TjAAFdKTbP47Nv-T450agIVf3ShAL8gScNUvjUtESljaBEKABcF46T4YoRvlEegQ4S4jlrFSFDdFrjQWTSOsbNWw1gGVkelRQJUUvBynHh80Q0u5Kfli3rPU9iVd6K5o_0DG25cpLKhPi1cNiuLtHTOdo3lqec6ImK1n8GKOlzQT-q07MtOCaRbqvKbXRAoMoJhxcyBMT73yBLf0uN1r13zheAYuPuyIHxFdBTq-uz-CV98zBMqClsUxwlZuZ7P6iOJK1k5ORjHJgVDYpWIYvRzbjbtqG2N-Q9Xlxnha5yqHKZEslwhSpCkz63TgtfBOsqnbUQfdt25Mu54JHTpn3fWdLCTLKp5bpEPAKHqiMOTLr3SaOVpIrUoUtWlWl1azlVZNwpa4HFJypxw3VVwfJCq8NC9peo-ohsZtNlUjZzEt2',
    'Vqy5eJz2jz2Tgh41OBkGlWdoMvqoYyzSZZbBSJ2xnUBMr5Y-YX6d6mMA5_fgOQOUfNLEfVja8BoEE7BPYOhnsOQZeYSpaeNin4kTqKN2fxYaPTRrDyUyzcNQpaHh1mG4rYyIq2KtjB8O2gNDVgH6lJGz-xyPN5U_2yW6ze6PA77Qw44KBZKsDFMMGCBr5bbW0HkDrtrT0b55wqY_7aCKxIICq-eO3NofI9-WLZ_jqLUNXiBAr8IWBCs_2248BSb6Ycpk359EfiO7nJ9sJlYcvsT4SV887ljUu6vUyFefkUVDh14SyohXSUg9qZf0JD-jQvZrnABZ4dDVwn4ESVXwsdKGpFDSjZblQ3Vk4RMi39HCubE_Mu9o8a-HKEodj3nJSVetc1R5QdbL3ONmMzQ-mv2WK4rhGOPI3e0hf7qktFxBpicyRxMdpRmZchXcHqRpf7ATnClELvJhAuTqJzRUe5EPdcgEaA-8c8KHdg-w0Uknarrf-kmKc3uckUuWLwVol88FXQ1-M0i_LpkDlzAGrDu-mqX8QFWtnk10xSQafI7dqtna8FEFysktNX6B1HPq3a9RtVR6iXTTQef-vAg5GsUaY8qI2AxI_bHAuO8osZg7PDa9z0W136ICNWr8e4L5x5jS9o0ezyy4Ahy1Cqrap-kWVGjr6FOy9A9WKcBVUAmi1uoNyc3AAa8IAxLvWIHqHqVMtN6qmpGthp8C6_5QmblDz4iD7fIN_av7CVDGiK2ZCXrbKWOUe30WwKFwJOF7nG-MeFGueoYZbwtyZA9HEbniohaKpfXUkGr0UYW-H4bb6c67DMpVDkluB2zMgQvAStZI8PPk92jrSQA.v8f6RrA_kxD_4w09R4pHTw'
  ]
}

Which leads us to the result from values.join()

eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0..S5HBPKlkZoasR4WC.B3ILaT0kwvgmIydLp60T-BaLkSTolqxCJHqxAQWdsCiO_-nvRc3z_niAYvHrPH1iciGlliEKgVj_UGLpbIDVgR8DGHirsMz2J6aPWwxjI1evht4vsQm6bBsGzJu43w88i6xDKRAqQK-zP15MYoNczlf9tAaeVagu7jPTRhUnQOVa3OsHDwc9K_CETpPdJMkcXiHa2yfxFGOa0LtP0ONPqaickrv9IzUPf2_64CEOL7QHqeFoTy-XuLtISh5IHd45ElVZr-hCZ9Qf0LiLX-nOAkgDY0G-1LJ29YGWTzfGeWNkN3UHWEqP6rBQ7ZfT59DSkWXHw_CErEl2stFzXBcWhLoqwhmFGC5B_JydZ9VHRjRIBeQdFXct2ebGgGJEyWNgUNv-4MK0w7FGK5ivwNRyJAhf9lTZngmP2z1EqIE_XSG3lrLBFPNnEHAJ08wCxFIpP14gSjyhYGPI_IXJ1RPQG9c23-TXscuF5_yO152Sa_rSIA8on0JgjHPsvg10Uk1ucUA7Uu2LZEmsLF5jmwf61lz10NW2LTqW3xUNfLcIPSccPyocycc1WI70s35TWulwSVDxgwwEEmE2ht2vb92d2WrBoAsxS7xcE0ygqx0itYIruN5RbmeMrQ6_-GhuDEpgl8-c0fG2TpWMWGQxd5idagXnCq9KhV37LmDjVregWAdKglPnZ5nXdELa-Sh5-b9YFPYg441Px0YmN-CNWIpUoHnYwojosVsADlKWFrMiCXHUDNWLNmKlXAK-A62F6QPJI01E0buJrvQU-XMf8bWtC3ZEQSo8hmbjx54dEmX8fnL20mtqgOXO5t76aOKg-s3ggpdgF09DuqDRzpUPZrriJJXQzg1ur0Ue0VtvULvW68tTtUQJmQTxhzRwTTqhhi6qzzEypQBgqgQpK162m7pWnCAwzfUm14Jq3XVTN45NGknxSCJ9z5CApHMsaH5SV2xqAj6-QIOK9d-rhvsqSSJ50hMmNxI47ILyaMtoaTmNqwdWF_cWFy5-3X5nickICRsLac11fypO4oDFYR0Ozyqj87MC1kD5R77rIehHepQFOu6y5Xbe21axnV_ejUrAkmXAorJsWmDPIOj7uzIdjFGQAMK6Pobzytlt4zQGiVyzfyYuucf_oxv80v2qya6GJgN9mvsGY_tpyV2wMmE3BQ7JhFxF0WHnVcl8gWeIIngBdsKJJzLqvsVhXo4CUrffQg9SdISVZmQF0oIcftp9D-uJVHNyoYbiuaRma46D3gB3SGMGnjbcdWj6SmUkRvP-q7Nwj2jGhjorUdR4bf3X3KaBWXu9D6mfH4JMvCmY4a-fOczQyTg9TBv8sHM4-xlTDr1OTMaxxINKbgI92LEPFDmhmq6od8uvJqHj1fiMs86mNT7GdRq7K5KTjW7gRJTIM3YVMr_4I43c4tIpQW_OS1hd7lxzkebqq13uK5Xb_5K-f7zgOeobdmRyP63Yk5xNnlYZ47Z2XI2Ac2GDll5fZgEnVRH0oKdZwmstOwCLB8gFnCFvehKkTnmVu2fU16mi4WZOq62qJc0yq387BiaJez4NKjCXnHhdniXArUyUwwb-Y-WJmK-IEcO0QefDTUJNYo0rSTJVOotWNeisdSAQ3Zn3ZKF5n2AVzBQIyNZplepbMEimnRfIDVA7NK2a_PRQQCZ7cK2GV-G297oQm6IXhYx3T9ivXW_biX06-HoElgpr-qAj4HuS3xM2tE93cYPNj0yIsAha5-er7ZmEcjgut_nc_QIezYAt7umpBfODTnORJ-e9v6dRC4aI_dgmV8tsPvFdRC7k-VUht7ib7XAyD8lgf08Jgh82Qa9thv0H-XAFsdyQlGTLehY49ZA83vFmTf1TVt4Uljkr4ff0WAJ2G-lu3R9SjsE3BbxJW9UntvFoPwPVW7IC9tJntK73pOBJHWNb5ELk-gyZOzmjYQsNOr0xFkS_cA_QgxlIzxwxgexYPrS32-dNWRzgtSP_6Xyg_P1-TdOV5zuROxkX_CNb6B2e8v9GRfF-_T80zDXpIU4F8IDNahUI92My24MYBGBDMsZyJzXdyBswDelQBOS88leBf2GPQojjKCe0pZDdNwp9np2_JuLg-GgMENo4Y6Nl8HVCQtiKE1jnUwyVHb4wkc6Yjh-KnzQl24MpRXDSAjKhCWFUf0iqnKT4Wia3AWjBPmD2aT4cZEtS2em0PiP2h_sTGuD-yyvPaM77kiqoD3VOwD8ZduzpwUYbhY91B6Cm0Mh5uIHiDzFLvnzOjekceHOtQVXnBfL156EWhN_icoZIZW1s9Wdu9dMQTLuGfFFQ4x4uq54lQIqm9sf1l9hx0qa1y1D42a2FpuKMqfrQLq2s3Ojfy6H8DhmyhQG_BQbEh8Y95pnTnfWxbWIFDACP1zgbAwN8QbpTUSOGbMf-ZeqkikEVFTxCggIh8mJ4hiLgiuulTMT3TkG7EyAcWndv5H6i_EFmmfE8ITvcqnaf7jj-d0y8HEZBAXIY5VhU2phCLhJQIfLN-AXzAnr_Xqv9tLwbC1rbu7c2acxAo6NTUcUS8yB8TESmYlIK3N2M9dILEGxSSiNm18WoMqX0UDmOqNqOvLEUPhHv837R6KOGlUJrVFdocsBm5ZdhqzF-1gdEnYl8aQsK5AJnnVtEtkfVz6QclVgBkuUI-YCRhyK8whBF1BUCz3pxrMoAXO8wrvCboUtNcLOd8xbX3Ad3vXHZWR_mJa8tW7XWdRAlIE7aqCqX8Gpkn5UESnenNg6qccQQiWq5hJhuHokgufaE83WzzuFtOS9jrBxLpyd5kUupeTOkjL6G-W-zxhNzK7YgYQBdGS7n1j4lKC5eKm5yOSEuA-ZYw5CjrU_UIW6lvDZrP3MszRZ2VjBfwHgI_ENmXBE4N0H3MRYOf2ujgVPpa_DmTf8cK3zuk_n1iGcRuHXKHtuQreq4K27HsLTLjvY7sQ_Ar3onzm7-Tj_cOPEwJfAxPZS1D2MNDGa6jPQqNpjIlOTMzzSwxppSgntYdQUdf-4sSOYM_2lh1B3ydX8ukxvKVrXvGzwjTwScm3HH53otjxuyYDATKWbqH0TtyRM_e-X5GWSv84MG8RcXpYKDdBUGQ3D5k90fTmvxZET3lT28eK5voLEK1IwbqUvy9R-b7wAtrOUeqaLcvos4nVHBkQQmkRtzNqNCtxrbXK0fCOO57Fh7Xe06omSpFuYAf_tRkMAFBi-kgSwo5wtbCuL0Scsj5tNxHLJJeDTCTM7J1W3IfqrMzEU2FEXngzKtjMw2YthAn0Q-p6IXe4CkMvYel9uPDXYJPs920bNzTH96BBVjr7zAZ7oHfF2FhmVAF1W6Zt0kC4nHlLpU8FQbymvZcDuGG0QxrqZdkLEqTHHYtqpcsYOa4mNd0z11NRiId66SIUnVwX4guvRl04WOP85OQirPI-uh67_rgyoo1lHr3UPD1wBDXVv7crP9x19w41TjAAFdKTbP47Nv-T450agIVf3ShAL8gScNUvjUtESljaBEKABcF46T4YoRvlEegQ4S4jlrFSFDdFrjQWTSOsbNWw1gGVkelRQJUUvBynHh80Q0u5Kfli3rPU9iVd6K5o_0DG25cpLKhPi1cNiuLtHTOdo3lqec6ImK1n8GKOlzQT-q07MtOCaRbqvKbXRAoMoJhxcyBMT73yBLf0uN1r13zheAYuPuyIHxFdBTq-uz-CV98zBMqClsUxwlZuZ7P6iOJK1k5ORjHJgVDYpWIYvRzbjbtqG2N-Q9Xlxnha5yqHKZEslwhSpCkz63TgtfBOsqnbUQfdt25Mu54JHTpn3fWdLCTLKp5bpEPAKHqiMOTLr3SaOVpIrUoUtWlWl1azlVZNwpa4HFJypxw3VVwfJCq8NC9peo-ohsZtNlUjZzEt2Vqy5eJz2jz2Tgh41OBkGlWdoMvqoYyzSZZbBSJ2xnUBMr5Y-YX6d6mMA5_fgOQOUfNLEfVja8BoEE7BPYOhnsOQZeYSpaeNin4kTqKN2fxYaPTRrDyUyzcNQpaHh1mG4rYyIq2KtjB8O2gNDVgH6lJGz-xyPN5U_2yW6ze6PA77Qw44KBZKsDFMMGCBr5bbW0HkDrtrT0b55wqY_7aCKxIICq-eO3NofI9-WLZ_jqLUNXiBAr8IWBCs_2248BSb6Ycpk359EfiO7nJ9sJlYcvsT4SV887ljUu6vUyFefkUVDh14SyohXSUg9qZf0JD-jQvZrnABZ4dDVwn4ESVXwsdKGpFDSjZblQ3Vk4RMi39HCubE_Mu9o8a-HKEodj3nJSVetc1R5QdbL3ONmMzQ-mv2WK4rhGOPI3e0hf7qktFxBpicyRxMdpRmZchXcHqRpf7ATnClELvJhAuTqJzRUe5EPdcgEaA-8c8KHdg-w0Uknarrf-kmKc3uckUuWLwVol88FXQ1-M0i_LpkDlzAGrDu-mqX8QFWtnk10xSQafI7dqtna8FEFysktNX6B1HPq3a9RtVR6iXTTQef-vAg5GsUaY8qI2AxI_bHAuO8osZg7PDa9z0W136ICNWr8e4L5x5jS9o0ezyy4Ahy1Cqrap-kWVGjr6FOy9A9WKcBVUAmi1uoNyc3AAa8IAxLvWIHqHqVMtN6qmpGthp8C6_5QmblDz4iD7fIN_av7CVDGiK2ZCXrbKWOUe30WwKFwJOF7nG-MeFGueoYZbwtyZA9HEbniohaKpfXUkGr0UYW-H4bb6c67DMpVDkluB2zMgQvAStZI8PPk92jrSQA.v8f6RrA_kxD_4w09R4pHTw

So far, so good!

Refreshing the page

Next, I kept refreshing the page until I triggered an error. Compare with the previous logs.

Getting value of chunks                                                                                                                                         14:38:49
{                                                                                                                                                               14:38:49
  'next-auth.session-token.1': '2cc2JxGzYNjKCFQ2WJF_txzU5mjugNUyXzo9zmivb65gn_P7DoD4IXdZG_T-hLxzLXxlG4ybUkRgJg4bfLBYV2_-2MMh5B9X6ACVN0pzEvr8zrAG0pkyHY5NYKMKKrTONliFVFgekSUby-37VKITl2KDVx3J07_u6B-xnyBswucyw4lOvI8SEiesxtD7eSKvdDtYVe5QlJrRyJR-o1KuxupMgtNTnuATUuyQjjMbt9SWHUjJ5mv0ngYPLBOvrYMaXOnR5HOq60_idSxhbY5VEsjgtcpyeBChG9hQvjCpHdChtEM1y0CxrACxDobiWVMYEF4GRNdZ6YnqU5D3apQXi8-z0LHmj2oFqySTG8wRNvte9vBluPHygtvOEclTtLHLytgvGBlgXNMAU43SDBVySdJn7NQ5wdZ7qJW2Jjy01wBJCYq3cE36qz9-78Ikp4lWxIDv4lwTfCJqiYjUDMmbGXQdYwDBEY2kzglqvoN-gyjliq8m3kd_NzTeZJ0Ewn_JJyiID1gxOs_szg7VOH6fNwlKOGGxUYCuVXOg6PBbCXZMW2vFdv-08GBRHcZOuOok6cE_Uu6OceWAuZ8DXk4Bvjm-aSmhEsklk_CHR0eNaIlirAg4CHoKaL_P6Y1nqGeGPY_O15sWqTj2K61VSdxq78jxWEN0iv7ZClBBdkkuooiDB0PKqcwWxye01y4P4qJBUPaaVc6Lb_4hDOJYkEtZsVT43V4PW1h3L7aYClUd3D666Sku7Ffx7c5IANsxNKwe6jmJk_a4XJaErglgPP0YBNoTWAeVYkG5HFpjhF7RCg3BjN6UIKpvPWzSgpqfJmLiAusuZffgHwC1DLg.lT5f24ZByy9L-WijKXAKtw',
  'next-auth.session-token.0': 'eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0..5h2EKEqUA3PGbv8N.biit375vfNlZdU692XjS9TKwzlXh_uRenZ_ernleDkVslN4p32dmA6eJuXt8a_DyzIIA7A3zfVVAIPAJ4uKpiBwNxgi05O45CTqvc1e1VAesND-h4rGs6p-e6yyd4Xgr4xXMcLbbL_k7OeddlS35v2qniF0aGNCtkEmkgHZM0vnz7Nh23OFVPup7ycyYSZyUcBz4Tv0fQjThobUvm_OlMtHQ3_VTVluuKenzyM86nwxvdZ55_Xdee7KYRP1sI3ROB7I9rTWn5wTu0BcXoILhIrs7V0vnLFIv7aawfscJ2R23eDLd2vUyPmonmt90tyHiafO1VQTHTH8rd7cUMQ4ODAt9CSbXA9ZpA19kvdNYoynizt1X_aVapwyldBc_jhEBD4DWiDWmF3LTys_RjB80E6MtjiDPRMlERzmC-v-YJrniMP9arDgoRcYto5WYfqPWM_Yv2KaOiZnC-hw_psJGHd4Eg03YaHFtq62pPK465U3ynYrNZdv6PWLhFWY6HcgnwB4_ZDhIKtAqNbWUegXFtljhU5aH4txhAsVX02zWrtKYBJAXpyyOMqlYOpeAQV5mvKl7IAegeSL4fgi_63sxNliI-3Vf8aso3YS0rAuuE4p_MImOYXcVEgPoBoGLSzAx-zKoI1Qg3HZ7Vsx-AgT_SeVNb0wdN76qRYqD_QaCKJKNlqfvj85MJFTH4hZG0r09i6HOiEDGNfW0LYciaEtuq5UP0NB8ZZ0Q_bDGGseGzSAdeds2L-Mom-W4eea41cDfz5ZJqBMGMiP9YVIIptBE9HW6YfzVz67HQMjq9nvvVzxjloxdB-MpczOTGCgjbKLHIV52DRHWFFMFzwrBw6_17Shtc_5O_n6CtS3KoQt-w9zfx_67cpK3Nbxy77yMXcAZuO4h-26SDSiJFIfLSPK7sNBN0E4savgfdlbv2FRHX4NS-AUCcF_O2XIs9QFpw7bm6HDPDv5V3buI2158nbmor64JOmPS0OKLHYDiojtLh-Gb-1dcS4JaSr9qQIuZOsGCFYHFBuk6QF7p_MEISjKchHBBoCL-mw_rPEE8W4pLYMDfl-fdS6rTC9yEbB6LZBQw5uQj1Lwr9zywGlv1xElFbuYjFVUWDV8nubwV5vIKw-6oY_SXFQ59LeExELVwsJHLJp6WHtMuzs_UjQUzWu5GmMlaE8eGrgNorDLAw5_gYhyewZaWWT6L90dhIPY01_qmXNGMxKqZtXShIofHpFDx2DYsjGlZNf-FnLBEoa1_Ayz32XmcoBceaL9boGFnsEpJHICsJJxSHh5TkFWUVdVzngR9qYullU_IKXeVtw5SAHXhofTfOnnr0O65hTXASK_FwaryoLOC0_7JwmNIWw2k9UeeyCXrGlhgIcNN4FR_r_GeFhLbEZl4bS0gYvz30NaxMWLnqz5gctAovyMTPYuz3BcYCBhd-JyXOOmne6vCIv337_V5zvi2rg9aqAV577KRacOca87hItpc8DnklbRzibyqzmiDvvgoR3SAU7MF4cu1DEFKi3SL-8nky1-DovuAeG0c-JP_LLnN_I6-h4pap61pWRLVP3shqnjAQYDlvUNLBzKt0lE8EJ5GZUHitL0dWptfXQtiLdns6gn40yHfmO3rdZt5sbrSsEe7KKiEJy2uNXy6Ans-IMUkV9qLFpSzmkawLoK4zol4ENYDxwLYypOo_FiJpXKpERUAsSdIuNlxamWT_7xIb203WfJmFlgu6yb_G8AHdVwB_zKYEMRgfe_zUvP1qGVY83Mo4HqDSYYrjwfjKFEL00lNg8DYO0TM5pirzYOojdHHo3vM8-w0zOwl5g6YQsfs8G0lAfx8kLX08ph45u0arue5gvU9Sldlf4eIjs_LzZsHiv_IMjaMo2lXdRxX19-jhHlJgYR21jBK_ejyGO02teJy0LnXHOMBb8Zjf026nIpD481tgkQHgisZh4z3FeakOaqxVEBEe1gu5jeZFyTIoCVXQa-1cWohmV_xI4FR-ITVSm05ZqXulZkmojulR_GE7lTzjg7oYlh42uh8SBMLGursjCMrgVH9_H8JTZCCrwSMd-LOAbEWe1Sxu9MmBxGvwoHENEfH-OKPuc6FkOsua3S1tahAimGsqlHudW8Hnm9fBx1FkN-uykKEouMvDCXlZeU6PX7LcM-fzXrxu9qXwiXfFGaHpXayBBS03dTfIhZC2Gh2KiSTaCUldlTKMwB531oLeqoHd449dshDROWUsjF6S4cVKrE4yyudjlRqbCNBQhQiReoDLp74nFGptuR4Mg_QdiNiL5wtjvx2xZfwjsJmSP9NHT_WlZy-D9PpPkJSztgpNRBNFIs76-nhsKqvsA2jYnUfH7v4XiaNknHe6xUAA-egQRD3llXyXGDrimzox5cxTF5EUQAOxzZL7YgJbusOk8LcQ8CdVDncObuQC6uxsJlS8MNnboG6hOFPRu3Sb0Zv2pl6LviWMcE-3v9DXfTc05-BfSmSyuGs8lDUeFWM8dQopV_35Z-Xk-Z8goom4VqBSu6N2C3JcxEFSYv16XvdMtocV-l2gs1vMjO9lT8lD8LENxDGpN09TKfQVu0bJdBdl7-MPqPzs0NXlU2F6MMyBuQzwaf5H-z91h5Zu400HBDFNZb97axqqOjDVsS2YPYZpf-TCJ7-yeWVHIYCgNmag-OBU5UVaA034yOPYH_5LYoxGh1AvAjgVhfwmpTyyQJsQ2KAl9V-E8F5xJnnUsCtRwFAF_oLkuytfXYxYRiEFAXWPvgnaOgUbD2QB6m82EFFTCXOMCf78p_0qEVZp_SApMeVVpgwKnGE57Nj4K-fgZGz2CF_pW612h524HoZH3BBh_sh4YCD64xQ-JDMkTX4frGyL1sxxGSJNjp7b98UaJNNHRYCsxgspGo2409rRPqQwZoPf5fCGNi4maKXsHvN7gSNzte3eU1Azwauzlny6YMkIyVzBQiKa9qCK4BU13TAcNYmStMjcMhaRfIhr0JvONvpnSisezbRNTDjmE4UMrwyXzV1TyTDE7VBpmq9ZzwmEovIcxg2i-0z5pPS8tROCGO_Lme4ZRnOketp5s5bqZ5UIcev0f3cNPu7vxRllLLbGrjo9BHZVEyHLr_H5SLTaAraSJl5-q65eUsDmRsLKG0N9qMqJMfJ4kcM1RgE1AT4RAMlaQJW9oy_AJ9oSnYvyxxxXcXKEf9ZBUme9OHEqYC4PKkrA2Mvx_DU-r_PsfUYEDnOLPup2JRcho-6lcnpAIRbIOIFHSEHOBv6oYjN5OMIh7k0J8SxMwuHv5aFwodMxLPk-oy-vw3EtPMTN2wirTHDpoaMoNiOBcMQ1mJB10Xz8TRD8Hv6mi2KIgfvr82x7_1IyQT7e9tNFYNeLQHEJvaws2ESgxXTALxRWfOn3917TKq44vnjI0Zcw-i_DrFIbQQQHTchxptxCl4nDnQkDz9pSX3gAv9m8dihK_BS0lk26v6rIWbb5n8XZBMV9wcdzyZ6-anp9ytwGucAFftBk6E9Ru9RhKnxmADK_ITnuvOpKmVr4FQGbWfsTQ4RMeU1XDTfdYUqFbVDTNxa6625D5qI7lirAxJBK1_tY5p9bV7oITxhvmivOz0hE75Vv1psIxim5R6tzhvW4v5yYJc22lejjy1X5lPf6FrLCFwN7bi0FWmW0cHjuU7eEMa08WjXky8m2UMRvtXdJl9oF9fXs9Gw8y4OCWczu7_xPm21yl2uC-9jTmHsx546GQcuZL9nmXVVPRmykX896SdpC8OA6BYSajQdnM5KzVd0eJzLsgQ3N3TfCYk7ikyi9j-xusnT_f69Rl6bQB9Jqh-i6IP7mEunG2bM_uQNDoJd3tiYuA2VJoeEFuj2xoy4vt6YWeeNXy0SElVGPzvlABRwQZh'
}

And that returns the following token after doing the values.join() method.

2cc2JxGzYNjKCFQ2WJF_txzU5mjugNUyXzo9zmivb65gn_P7DoD4IXdZG_T-hLxzLXxlG4ybUkRgJg4bfLBYV2_-2MMh5B9X6ACVN0pzEvr8zrAG0pkyHY5NYKMKKrTONliFVFgekSUby-37VKITl2KDVx3J07_u6B-xnyBswucyw4lOvI8SEiesxtD7eSKvdDtYVe5QlJrRyJR-o1KuxupMgtNTnuATUuyQjjMbt9SWHUjJ5mv0ngYPLBOvrYMaXOnR5HOq60_idSxhbY5VEsjgtcpyeBChG9hQvjCpHdChtEM1y0CxrACxDobiWVMYEF4GRNdZ6YnqU5D3apQXi8-z0LHmj2oFqySTG8wRNvte9vBluPHygtvOEclTtLHLytgvGBlgXNMAU43SDBVySdJn7NQ5wdZ7qJW2Jjy01wBJCYq3cE36qz9-78Ikp4lWxIDv4lwTfCJqiYjUDMmbGXQdYwDBEY2kzglqvoN-gyjliq8m3kd_NzTeZJ0Ewn_JJyiID1gxOs_szg7VOH6fNwlKOGGxUYCuVXOg6PBbCXZMW2vFdv-08GBRHcZOuOok6cE_Uu6OceWAuZ8DXk4Bvjm-aSmhEsklk_CHR0eNaIlirAg4CHoKaL_P6Y1nqGeGPY_O15sWqTj2K61VSdxq78jxWEN0iv7ZClBBdkkuooiDB0PKqcwWxye01y4P4qJBUPaaVc6Lb_4hDOJYkEtZsVT43V4PW1h3L7aYClUd3D666Sku7Ffx7c5IANsxNKwe6jmJk_a4XJaErglgPP0YBNoTWAeVYkG5HFpjhF7RCg3BjN6UIKpvPWzSgpqfJmLiAusuZffgHwC1DLg.lT5f24ZByy9L-WijKXAKtweyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0..5h2EKEqUA3PGbv8N.biit375vfNlZdU692XjS9TKwzlXh_uRenZ_ernleDkVslN4p32dmA6eJuXt8a_DyzIIA7A3zfVVAIPAJ4uKpiBwNxgi05O45CTqvc1e1VAesND-h4rGs6p-e6yyd4Xgr4xXMcLbbL_k7OeddlS35v2qniF0aGNCtkEmkgHZM0vnz7Nh23OFVPup7ycyYSZyUcBz4Tv0fQjThobUvm_OlMtHQ3_VTVluuKenzyM86nwxvdZ55_Xdee7KYRP1sI3ROB7I9rTWn5wTu0BcXoILhIrs7V0vnLFIv7aawfscJ2R23eDLd2vUyPmonmt90tyHiafO1VQTHTH8rd7cUMQ4ODAt9CSbXA9ZpA19kvdNYoynizt1X_aVapwyldBc_jhEBD4DWiDWmF3LTys_RjB80E6MtjiDPRMlERzmC-v-YJrniMP9arDgoRcYto5WYfqPWM_Yv2KaOiZnC-hw_psJGHd4Eg03YaHFtq62pPK465U3ynYrNZdv6PWLhFWY6HcgnwB4_ZDhIKtAqNbWUegXFtljhU5aH4txhAsVX02zWrtKYBJAXpyyOMqlYOpeAQV5mvKl7IAegeSL4fgi_63sxNliI-3Vf8aso3YS0rAuuE4p_MImOYXcVEgPoBoGLSzAx-zKoI1Qg3HZ7Vsx-AgT_SeVNb0wdN76qRYqD_QaCKJKNlqfvj85MJFTH4hZG0r09i6HOiEDGNfW0LYciaEtuq5UP0NB8ZZ0Q_bDGGseGzSAdeds2L-Mom-W4eea41cDfz5ZJqBMGMiP9YVIIptBE9HW6YfzVz67HQMjq9nvvVzxjloxdB-MpczOTGCgjbKLHIV52DRHWFFMFzwrBw6_17Shtc_5O_n6CtS3KoQt-w9zfx_67cpK3Nbxy77yMXcAZuO4h-26SDSiJFIfLSPK7sNBN0E4savgfdlbv2FRHX4NS-AUCcF_O2XIs9QFpw7bm6HDPDv5V3buI2158nbmor64JOmPS0OKLHYDiojtLh-Gb-1dcS4JaSr9qQIuZOsGCFYHFBuk6QF7p_MEISjKchHBBoCL-mw_rPEE8W4pLYMDfl-fdS6rTC9yEbB6LZBQw5uQj1Lwr9zywGlv1xElFbuYjFVUWDV8nubwV5vIKw-6oY_SXFQ59LeExELVwsJHLJp6WHtMuzs_UjQUzWu5GmMlaE8eGrgNorDLAw5_gYhyewZaWWT6L90dhIPY01_qmXNGMxKqZtXShIofHpFDx2DYsjGlZNf-FnLBEoa1_Ayz32XmcoBceaL9boGFnsEpJHICsJJxSHh5TkFWUVdVzngR9qYullU_IKXeVtw5SAHXhofTfOnnr0O65hTXASK_FwaryoLOC0_7JwmNIWw2k9UeeyCXrGlhgIcNN4FR_r_GeFhLbEZl4bS0gYvz30NaxMWLnqz5gctAovyMTPYuz3BcYCBhd-JyXOOmne6vCIv337_V5zvi2rg9aqAV577KRacOca87hItpc8DnklbRzibyqzmiDvvgoR3SAU7MF4cu1DEFKi3SL-8nky1-DovuAeG0c-JP_LLnN_I6-h4pap61pWRLVP3shqnjAQYDlvUNLBzKt0lE8EJ5GZUHitL0dWptfXQtiLdns6gn40yHfmO3rdZt5sbrSsEe7KKiEJy2uNXy6Ans-IMUkV9qLFpSzmkawLoK4zol4ENYDxwLYypOo_FiJpXKpERUAsSdIuNlxamWT_7xIb203WfJmFlgu6yb_G8AHdVwB_zKYEMRgfe_zUvP1qGVY83Mo4HqDSYYrjwfjKFEL00lNg8DYO0TM5pirzYOojdHHo3vM8-w0zOwl5g6YQsfs8G0lAfx8kLX08ph45u0arue5gvU9Sldlf4eIjs_LzZsHiv_IMjaMo2lXdRxX19-jhHlJgYR21jBK_ejyGO02teJy0LnXHOMBb8Zjf026nIpD481tgkQHgisZh4z3FeakOaqxVEBEe1gu5jeZFyTIoCVXQa-1cWohmV_xI4FR-ITVSm05ZqXulZkmojulR_GE7lTzjg7oYlh42uh8SBMLGursjCMrgVH9_H8JTZCCrwSMd-LOAbEWe1Sxu9MmBxGvwoHENEfH-OKPuc6FkOsua3S1tahAimGsqlHudW8Hnm9fBx1FkN-uykKEouMvDCXlZeU6PX7LcM-fzXrxu9qXwiXfFGaHpXayBBS03dTfIhZC2Gh2KiSTaCUldlTKMwB531oLeqoHd449dshDROWUsjF6S4cVKrE4yyudjlRqbCNBQhQiReoDLp74nFGptuR4Mg_QdiNiL5wtjvx2xZfwjsJmSP9NHT_WlZy-D9PpPkJSztgpNRBNFIs76-nhsKqvsA2jYnUfH7v4XiaNknHe6xUAA-egQRD3llXyXGDrimzox5cxTF5EUQAOxzZL7YgJbusOk8LcQ8CdVDncObuQC6uxsJlS8MNnboG6hOFPRu3Sb0Zv2pl6LviWMcE-3v9DXfTc05-BfSmSyuGs8lDUeFWM8dQopV_35Z-Xk-Z8goom4VqBSu6N2C3JcxEFSYv16XvdMtocV-l2gs1vMjO9lT8lD8LENxDGpN09TKfQVu0bJdBdl7-MPqPzs0NXlU2F6MMyBuQzwaf5H-z91h5Zu400HBDFNZb97axqqOjDVsS2YPYZpf-TCJ7-yeWVHIYCgNmag-OBU5UVaA034yOPYH_5LYoxGh1AvAjgVhfwmpTyyQJsQ2KAl9V-E8F5xJnnUsCtRwFAF_oLkuytfXYxYRiEFAXWPvgnaOgUbD2QB6m82EFFTCXOMCf78p_0qEVZp_SApMeVVpgwKnGE57Nj4K-fgZGz2CF_pW612h524HoZH3BBh_sh4YCD64xQ-JDMkTX4frGyL1sxxGSJNjp7b98UaJNNHRYCsxgspGo2409rRPqQwZoPf5fCGNi4maKXsHvN7gSNzte3eU1Azwauzlny6YMkIyVzBQiKa9qCK4BU13TAcNYmStMjcMhaRfIhr0JvONvpnSisezbRNTDjmE4UMrwyXzV1TyTDE7VBpmq9ZzwmEovIcxg2i-0z5pPS8tROCGO_Lme4ZRnOketp5s5bqZ5UIcev0f3cNPu7vxRllLLbGrjo9BHZVEyHLr_H5SLTaAraSJl5-q65eUsDmRsLKG0N9qMqJMfJ4kcM1RgE1AT4RAMlaQJW9oy_AJ9oSnYvyxxxXcXKEf9ZBUme9OHEqYC4PKkrA2Mvx_DU-r_PsfUYEDnOLPup2JRcho-6lcnpAIRbIOIFHSEHOBv6oYjN5OMIh7k0J8SxMwuHv5aFwodMxLPk-oy-vw3EtPMTN2wirTHDpoaMoNiOBcMQ1mJB10Xz8TRD8Hv6mi2KIgfvr82x7_1IyQT7e9tNFYNeLQHEJvaws2ESgxXTALxRWfOn3917TKq44vnjI0Zcw-i_DrFIbQQQHTchxptxCl4nDnQkDz9pSX3gAv9m8dihK_BS0lk26v6rIWbb5n8XZBMV9wcdzyZ6-anp9ytwGucAFftBk6E9Ru9RhKnxmADK_ITnuvOpKmVr4FQGbWfsTQ4RMeU1XDTfdYUqFbVDTNxa6625D5qI7lirAxJBK1_tY5p9bV7oITxhvmivOz0hE75Vv1psIxim5R6tzhvW4v5yYJc22lejjy1X5lPf6FrLCFwN7bi0FWmW0cHjuU7eEMa08WjXky8m2UMRvtXdJl9oF9fXs9Gw8y4OCWczu7_xPm21yl2uC-9jTmHsx546GQcuZL9nmXVVPRmykX896SdpC8OA6BYSajQdnM5KzVd0eJzLsgQ3N3TfCYk7ikyi9j-xusnT_f69Rl6bQB9Jqh-i6IP7mEunG2bM_uQNDoJd3tiYuA2VJoeEFuj2xoy4vt6YWeeNXy0SElVGPzvlABRwQZh

Which will finally give us the [next-auth][error][JWT_SESSION_ERROR]

Now, there’s multiple possibilities here to explore.

Either the Map/Set collection next-auth is using to store chunks should sort the cookies by default instead of relying on object order (I think this is the safest solution?)
Nuxt.js maybe doesn’t preserve cookie order, and we should fix it in Nuxt.js
next-auth isn’t recreating the objects right, and it’s a next-auth bug.

Let me know what you think. I can always start a discussion or issue in next-auth as well.

janhoogeveen on Apr 6, 2023

Hey @janhoogeveen 👋

Thanks for the report - noted, it’ll take us some time to look into this, other issues have higher priorities right now. If you want to provide a fix though, or I can help you to walk through it that would be very welcome (:

BracketJohn on Apr 3, 2023