refactor(session): break provider<->hook type cycle, fail-fast session query

waleedlatif1 · waleedlatif1 · commit 7c920419621e · 2026-06-22T12:19:58.000-07:00
Address review feedback:
- Move the AppSession type to lib/auth/session-response.ts (the module that
  produces it) so useSessionQuery and SessionProvider both import it from there,
  eliminating the provider &lt;-&gt; query-hook import cycle.
- Add retry: false to useSessionQuery, restoring the prior fail-fast contract
  (the global QueryClient default is retry: 1; an auth failure should surface
  immediately rather than retry a request that won't succeed).
- Return null (not the fetched value) from refreshAfterUpgrade's cancelled
  branch to make the cancellation contract explicit.
diff --git a/apps/sim/app/_shell/providers/session-provider.test.tsx b/apps/sim/app/_shell/providers/session-provider.test.tsx
@@ -32,8 +32,8 @@ vi.mock('posthog-js', () => ({
   },
 }))
 
+import type { AppSession } from '@/lib/auth/session-response'
 import {
-  type AppSession,
   SessionContext,
   type SessionHookResult,
   SessionProvider,
diff --git a/apps/sim/app/_shell/providers/session-provider.tsx b/apps/sim/app/_shell/providers/session-provider.tsx
@@ -7,28 +7,12 @@ import { useQueryClient } from '@tanstack/react-query'
 import { requestJson } from '@/lib/api/client/request'
 import { listCreatorOrganizationsContract } from '@/lib/api/contracts/organizations'
 import { client } from '@/lib/auth/auth-client'
-import { extractSessionDataFromAuthClientResult } from '@/lib/auth/session-response'
+import {
+  type AppSession,
+  extractSessionDataFromAuthClientResult,
+} from '@/lib/auth/session-response'
 import { sessionKeys, useSessionQuery } from '@/hooks/queries/session'
 
-export type AppSession = {
-  user: {
-    id: string
-    email: string
-    emailVerified?: boolean
-    name?: string | null
-    image?: string | null
-    role?: string
-    createdAt?: Date
-    updatedAt?: Date
-  } | null
-  session?: {
-    id?: string
-    userId?: string
-    activeOrganizationId?: string
-    impersonatedBy?: string | null
-  }
-} | null
-
 export type SessionHookResult = {
   data: AppSession
   isPending: boolean
@@ -65,7 +49,7 @@ export function SessionProvider({ children }: { children: React.ReactNode }) {
       const res = await client.getSession({ query: { disableCookieCache: true } })
       const fresh = extractSessionDataFromAuthClientResult(res) as AppSession
 
-      if (isCancelled) return
+      if (isCancelled) return null
 
       await queryClient.cancelQueries({ queryKey: sessionKeys.detail() })
       queryClient.setQueryData(sessionKeys.detail(), fresh)
@@ -75,7 +59,7 @@ export function SessionProvider({ children }: { children: React.ReactNode }) {
     const initializeSession = async () => {
       let session: AppSession = null
       try {
-        session = (await refreshAfterUpgrade()) ?? null
+        session = await refreshAfterUpgrade()
       } catch (e) {
         logger.warn('Failed to refresh session after subscription upgrade', { error: e })
       }
diff --git a/apps/sim/hooks/queries/session.ts b/apps/sim/hooks/queries/session.ts
@@ -1,7 +1,9 @@
 import { useQuery } from '@tanstack/react-query'
 import { client } from '@/lib/auth/auth-client'
-import { extractSessionDataFromAuthClientResult } from '@/lib/auth/session-response'
-import type { AppSession } from '@/app/_shell/providers/session-provider'
+import {
+  type AppSession,
+  extractSessionDataFromAuthClientResult,
+} from '@/lib/auth/session-response'
 
 export const sessionKeys = {
   all: ['session'] as const,
@@ -18,11 +20,16 @@ async function fetchSession(signal?: AbortSignal): Promise<AppSession> {
  *
  * This is the Better Auth client SDK (not a same-origin `requestJson` contract),
  * so a plain `useQuery` is correct — there is no boundary contract to bind.
+ *
+ * `retry: false` preserves the prior fail-fast contract: an auth failure (expired
+ * token, startup network partition) surfaces immediately rather than retrying a
+ * request that won't succeed.
  */
 export function useSessionQuery() {
   return useQuery({
     queryKey: sessionKeys.detail(),
     queryFn: ({ signal }) => fetchSession(signal),
     staleTime: 5 * 60 * 1000,
+    retry: false,
   })
 }
diff --git a/apps/sim/lib/auth/session-response.ts b/apps/sim/lib/auth/session-response.ts
@@ -1,3 +1,27 @@
+/**
+ * The app-facing session shape derived from the Better Auth client response.
+ * Lives here (the module that produces it) so both the `useSessionQuery` hook
+ * and the `SessionProvider` can import it without a provider ↔ hook import cycle.
+ */
+export type AppSession = {
+  user: {
+    id: string
+    email: string
+    emailVerified?: boolean
+    name?: string | null
+    image?: string | null
+    role?: string
+    createdAt?: Date
+    updatedAt?: Date
+  } | null
+  session?: {
+    id?: string
+    userId?: string
+    activeOrganizationId?: string
+    impersonatedBy?: string | null
+  }
+} | null
+
 export function extractSessionDataFromAuthClientResult(result: unknown): unknown | null {
   if (!result || typeof result !== 'object') {
     return null
