Hey guys. I have a question regarding the “Edge session” feature. I have enabled it ( project in https://console.ory.sh/ ) and i coded the nextjs app with:

const ory = new FrontendApi(new Configuration(edgeConfig))
ory
            .toSession(undefined, {
                headers: {
                    "Cache-Control": "max-age=60",
                },
            })
            .then(({ data }) => {
}

but i can’t see any improvements in loading time ( sessions/whoami request still loading in ~ 500 ms ). I think that the docs at https://www.ory.sh/docs/concepts/cache#configuration ar a bit old, as my ory code from above is a bit different that in the docs. Could i miss something? ( add the header to the request and enable edge sessions on the project )

Can you provide more context please? For example your project URL?

XXX

Interesting, our service provider recently changed something in the way the DNS resolution works. I can also see that the cache is not being hit properly

thank you! not a big issue for now for us, but would help a lot to lower the 500 ms to 50 ms in prod 🙂

yeah, absolutely. if you want, you can check console.ory.sh the network tab in chrome and search for

whoami

. that is the performance you can expect once this works on your custom domain

did a logout/login before this. no changes in response time

try omitting the max age briefly, you can add it later again

so, i’m getting this when i do: https://auth.openline.ai/sessions/whoami

So here’s what I do. I open https://auth.openline.ai/sessions/whoami in chrome, then i open chrome dev tools, then I copy & paste into the chrome console:

await fetch("<https://auth.openline.ai/sessions/whoami>", {
  "headers": {
    "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
    "accept-language": "de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7",
    "sec-ch-ua": "\"Not_A Brand\";v=\"99\", \"Google Chrome\";v=\"109\", \"Chromium\";v=\"109\"",
    "sec-ch-ua-mobile": "?0",
    "sec-ch-ua-platform": "\"macOS\"",
    "sec-fetch-dest": "document",
    "sec-fetch-mode": "navigate",
    "sec-fetch-site": "none",
    "sec-fetch-user": "?1",
    "upgrade-insecure-requests": "1"
  },
  "referrerPolicy": "strict-origin-when-cross-origin",
  "body": null,
  "method": "GET",
  "mode": "cors",
  "credentials": "include"
});

yes, indeed, that works. i’m getting cf-cache-status: HIT and a response in about 60 ms

exactly

Ok, but, the request done by the nextjs ory package receives: cf-cache-status: DYNAMIC

you mean ory/integrations?

Hey. I as able to hit the cache in my setup ( nextjs + vercel ) in the nextjs middleware. now i’m getting < 50ms response time

ok so if you pass the request through

/.ory/sessions/whoami

it’s always dynamic right?

yes

ok got it 😕 originally, ory/integrations was built as a poc to figure out how to deal with these preview deployments. while it works quite well for testing and development, it’s problematic when used in production, because it routes all the traffic through one IP which essentially disables some of the security options we have. Plus, it does weird things like breaking the cache

Maybe a notice on the README that its not meant to be used in production and can be removed once you add a CNAME? And then we add some to the docs as well, in the places where its used.

That sounds like a good way to do it! We also need to update our NextJS example in the docs though

I am not able to replicate from the documentation for nextjs using Ory-integration. In my project slug social login is enabled. After signing it the attached error pops up. Why does Social sign in does not work with ory-integrations? What is an alternative way to do local development with nextjs?