fix: deleteUser check session freshAge using ms instead of sec (#3020)

2026-05-30 10:56:31 -05:00 · 2025-06-15 12:51:20 -07:00
parent b6edbb9ab9
commit 0df8793f5f
1 changed files with 1 additions and 1 deletions
--- a/packages/better-auth/src/api/routes/update-user.ts
+++ b/packages/better-auth/src/api/routes/update-user.ts
@@ -512,7 +512,7 @@ export const deleteUser = createAuthEndpoint(
 			const currentAge = session.session.createdAt.getTime();
 			const freshAge = ctx.context.options.session.freshAge;
 			const now = Date.now();
-			if (now - currentAge > freshAge) {
+			if (now - currentAge > freshAge * 1000) {
 				throw new APIError("BAD_REQUEST", {
 					message: BASE_ERROR_CODES.SESSION_EXPIRED,
 				});