fix: improve session deletion logic in sign-out endpoint to handle errors gracefully

2026-05-23 23:52:05 -05:00 · 2025-11-18 16:47:33 -08:00
parent 30828b6009
commit 99cd38b201
1 changed files with 6 additions and 8 deletions
--- a/packages/better-auth/src/api/routes/sign-out.ts
+++ b/packages/better-auth/src/api/routes/sign-out.ts
@@ -1,6 +1,4 @@
 import { createAuthEndpoint } from "@better-auth/core/api";
-import { BASE_ERROR_CODES } from "@better-auth/core/error";
-import { APIError } from "better-call";
 import { deleteSessionCookie } from "../../cookies";

 export const signOut = createAuthEndpoint(
@@ -38,13 +36,13 @@ export const signOut = createAuthEndpoint(
 			ctx.context.authCookies.sessionToken.name,
 			ctx.context.secret,
 		);
-		if (!sessionCookieToken) {
-			deleteSessionCookie(ctx);
-			throw new APIError("BAD_REQUEST", {
-				message: BASE_ERROR_CODES.FAILED_TO_GET_SESSION,
-			});
+		if (sessionCookieToken) {
+			try {
+				await ctx.context.internalAdapter.deleteSession(sessionCookieToken);
+			} catch (e) {
+				ctx.context.logger.error("Failed to delete session from database", e);
+			}
 		}
-		await ctx.context.internalAdapter.deleteSession(sessionCookieToken);
 		deleteSessionCookie(ctx);
 		return ctx.json({
 			success: true,