fix(dashboard): add session validation guard to sign out stale sessions

izadoesdev · izadoesdev · commit 3fe78204095e · 2026-04-21T12:06:28.000+03:00
The proxy only checks cookie presence — a revoked or expired session
renders a broken dashboard with silenced auth errors. SessionGuard
validates the session via useSession() and signs the user out if invalid.
diff --git a/apps/dashboard/app/(main)/layout.tsx b/apps/dashboard/app/(main)/layout.tsx
@@ -2,6 +2,7 @@ import { FeedbackPrompt } from "@/components/feedback-prompt";
 import { Sidebar } from "@/components/layout/sidebar";
 import { SidebarNavigationProvider } from "@/components/layout/sidebar-navigation-provider";
 import { BillingProvider } from "@/components/providers/billing-provider";
+import { SessionGuard } from "@/components/providers/session-guard";
 import { CommandSearchProvider } from "@/components/ui/command-search";
 import { AutumnProvider } from "autumn-js/react";
 import { Suspense } from "react";
@@ -19,17 +20,19 @@ export default function MainLayout({
 			<BillingProvider>
 				<CommandSearchProvider>
 					<SidebarNavigationProvider>
-						<div className="flex min-h-0 flex-1 flex-col overflow-hidden text-foreground">
-							<Suspense fallback={null}>
-								<Sidebar />
-							</Suspense>
-							<div className="relative flex min-h-0 flex-1 flex-col pl-0 md:pl-76 lg:pl-84">
-								<div className="flex min-h-0 flex-1 flex-col overflow-hidden overflow-x-hidden overscroll-none pt-12 md:pt-0">
-									{children}
+						<SessionGuard>
+							<div className="flex min-h-0 flex-1 flex-col overflow-hidden text-foreground">
+								<Suspense fallback={null}>
+									<Sidebar />
+								</Suspense>
+								<div className="relative flex min-h-0 flex-1 flex-col pl-0 md:pl-76 lg:pl-84">
+									<div className="flex min-h-0 flex-1 flex-col overflow-hidden overflow-x-hidden overscroll-none pt-12 md:pt-0">
+										{children}
+									</div>
 								</div>
+								<FeedbackPrompt />
 							</div>
-							<FeedbackPrompt />
-						</div>
+						</SessionGuard>
 					</SidebarNavigationProvider>
 				</CommandSearchProvider>
 			</BillingProvider>
diff --git a/apps/dashboard/components/providers/session-guard.tsx b/apps/dashboard/components/providers/session-guard.tsx
@@ -0,0 +1,20 @@
+"use client";
+
+import { authClient } from "@databuddy/auth/client";
+import { useEffect } from "react";
+
+export function SessionGuard({ children }: { children: React.ReactNode }) {
+	const { data: session, isPending } = authClient.useSession();
+
+	useEffect(() => {
+		if (isPending || session) {
+			return;
+		}
+
+		authClient.signOut().finally(() => {
+			window.location.href = "/login";
+		});
+	}, [isPending, session]);
+
+	return <>{children}</>;
+}
