Performance: Session management
MEDIUM IMPACT
Session management affects page load speed and interaction responsiveness by controlling how user data is stored and accessed during navigation.
0Session management in NextJS - Performance & Optimization
Start learning this pattern below
Jump into concepts and practice - no test required
or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Storing user session data for authentication in a Next.js app
NextJS
import { getServerSession } from 'next-auth/next'; import { authOptions } from './authOptions'; export default async function handler(req, res) { const session = await getServerSession(req, res, authOptions); if (!session) { res.status(401).json({ error: 'Unauthorized' }); return; } // minimal async processing res.status(200).json({ user: session.user }); }
Using optimized async session retrieval with minimal processing avoids blocking and speeds up response.
📈 Performance GainNon-blocking response, reduces INP by 50-70 ms
Storing user session data for authentication in a Next.js app
NextJS
import { getSession } from 'next-auth/react'; export default async function handler(req, res) { const session = await getSession({ req }); if (!session) { res.status(401).json({ error: 'Unauthorized' }); return; } // heavy synchronous processing here res.status(200).json({ user: session.user }); }
Fetching session on every request with synchronous heavy processing blocks the event loop and delays response.
📉 Performance CostBlocks rendering for 100+ ms on each request, increasing INP
Performance Comparison
| Pattern | DOM Operations | Reflows | Paint Cost | Verdict |
|---|---|---|---|---|
| Synchronous session fetch with heavy processing | Minimal | Multiple due to blocking | High due to delayed paint | [X] Bad |
| Async session fetch with minimal processing | Minimal | Single or none | Low, smooth paint | [OK] Good |
| Immediate localStorage writes on session change | None | Multiple reflows | Medium due to blocking | [X] Bad |
| Deferred localStorage writes using requestIdleCallback | None | Single or none | Low, non-blocking | [OK] Good |
Rendering Pipeline
Session management affects the browser's interaction responsiveness by controlling when and how session data is fetched and stored, impacting event handling and rendering.
→JavaScript Execution
→Layout
→Paint
⚠️ BottleneckJavaScript Execution blocking event loop
Core Web Vital Affected
INP
Session management affects page load speed and interaction responsiveness by controlling how user data is stored and accessed during navigation.
Optimization Tips
1Avoid synchronous heavy processing during session retrieval to prevent blocking rendering.
2Defer client-side session storage operations to idle time to reduce main thread blocking.
3Minimize session data size to reduce serialization and storage overhead.
Performance Quiz - 3 Questions
Test your performance knowledge
Which session management pattern improves interaction responsiveness in Next.js?
DevTools: Performance
How to check: Record a session during navigation and interaction; look for long tasks blocking main thread and delayed event handling.
What to look for: Long tasks over 50ms and delayed input responsiveness indicate poor session management.
Practice
1. What is the main purpose of session management in Next.js applications?
easy
Solution
Step 1: Understand session management concept
Session management is about keeping track of user data across different pages or visits.Step 2: Identify the main purpose in Next.js
Next.js uses session management to remember users, so they don't have to log in repeatedly or lose their data.Final Answer:
To remember user information between page visits -> Option AQuick Check:
Session management = Remember user info [OK]
Hint: Sessions keep user info across pages and visits [OK]
Common Mistakes:
- Confusing session management with styling or routing
- Thinking sessions optimize images
- Believing sessions handle API routing only
2. Which of the following is the correct way to get the session on the server side in Next.js?
easy
Solution
Step 1: Recall server-side session retrieval method
In Next.js, the functiongetServerSession()is used on the server to get the current session.Step 2: Check each option for correctness
const session = useSession(); usesuseSession(), which is client-side only. Options B and D are not valid Next.js functions.Final Answer:
const session = getServerSession(); -> Option BQuick Check:
Server session = getServerSession() [OK]
Hint: Use getServerSession() on server, useSession() on client [OK]
Common Mistakes:
- Using useSession() on the server side
- Assuming fetchSession() is a Next.js function
- Confusing client and server session methods
3. Given this Next.js client component code snippet, what will be the output if the user is not logged in?
import { useSession } from 'next-auth/react';
export default function Profile() {
const { data: session } = useSession();
if (!session) return <p>Please log in</p>;
return <p>Welcome, {session.user.name}</p>;
}medium
Solution
Step 1: Analyze the session check in the component
The code checks ifsessionis falsy (not logged in), then returns <p>Please log in</p> immediately.Step 2: Determine output when user is not logged in
Since the user is not logged in,sessionis null or undefined, so the component returns <p>Please log in</p>.Final Answer:
<p>Please log in</p> -> Option AQuick Check:
Not logged in shows 'Please log in' [OK]
Hint: If no session, component returns 'Please log in' [OK]
Common Mistakes:
- Assuming session.user.name exists when session is null
- Expecting an error instead of conditional return
- Thinking it shows 'Welcome, Guest' by default
4. Identify the error in this Next.js server-side session code:
import { getServerSession } from 'next-auth/next';
export async function getServerSideProps(context) {
const session = await getServerSession(context);
if (!session) {
return { redirect: { destination: '/login', permanent: false } };
}
return { props: { user: session.user } };
}medium
Solution
Step 1: Check getServerSession usage
The functiongetServerSessionrequires the request context to access cookies and headers, so it needscontext.reqandcontext.resor the full context passed.Step 2: Identify missing argument
The code callsgetServerSession()without arguments, which causes it to fail to read session data.Final Answer:
Missing passing context to getServerSession -> Option DQuick Check:
getServerSession needs context argument [OK]
Hint: Always pass context to getServerSession on server [OK]
Common Mistakes:
- Forgetting to pass context to getServerSession
- Confusing async/await usage
- Incorrect redirect destination assumptions
5. You want to protect a Next.js page so only logged-in users can access it. Which approach correctly combines server and client session checks?
hard
Solution
Step 1: Understand server-side protection
UsinggetServerSessioningetServerSidePropsallows redirecting users before the page loads if they are not logged in.Step 2: Understand client-side session usage
UsinguseSessionin the component helps show loading states or user info once the page is loaded.Step 3: Evaluate options
Use getServerSession in getServerSideProps to redirect unauthenticated users, and use useSession in the component to show loading or user info. correctly combines server-side redirect and client-side session display. The other options misuse server/client functions or locations.Final Answer:
Use getServerSession in getServerSideProps to redirect unauthenticated users, and use useSession in the component to show loading or user info. -> Option CQuick Check:
Server redirect + client session hook = Use getServerSession in getServerSideProps to redirect unauthenticated users, and use useSession in the component to show loading or user info. [OK]
Hint: Protect server-side, then show session client-side [OK]
Common Mistakes:
- Trying to use client hooks on server
- Not redirecting unauthenticated users server-side
- Using server functions inside components