From 0df8793f5fd4bb232c57097b2b4f4fecb7612ddc Mon Sep 17 00:00:00 2001
From: Tim Etler <tmetler@gmail.com>
Date: Sun, 15 Jun 2025 12:51:20 -0700
Subject: [PATCH] fix: deleteUser check session freshAge using ms instead of
 sec (#3020)

---
 packages/better-auth/src/api/routes/update-user.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/better-auth/src/api/routes/update-user.ts b/packages/better-auth/src/api/routes/update-user.ts
index 16fb1e924f..9ba062fd15 100644
--- a/packages/better-auth/src/api/routes/update-user.ts
+++ b/packages/better-auth/src/api/routes/update-user.ts
@@ -512,7 +512,7 @@ export const deleteUser = createAuthEndpoint(
 			const currentAge = session.session.createdAt.getTime();
 			const freshAge = ctx.context.options.session.freshAge;
 			const now = Date.now();
-			if (now - currentAge > freshAge) {
+			if (now - currentAge > freshAge * 1000) {
 				throw new APIError("BAD_REQUEST", {
 					message: BASE_ERROR_CODES.SESSION_EXPIRED,
 				});