when is removeExpiredSessions used?

[fotoflo]

Hello again :-)
I found the removeExpriedSessions function in the firebase-server.ts file

removeExpriedSessions says " // Expired session deletion function, used for cron or api"

But i cant find the cron job or api call? I guess i'm supposed to develop that? is there a suggested implementation method?

Also i found the refreshAccessToken function in https://next-auth.js.org/tutorials/refresh-token-rotation

but it's also not referenced or called anywhere - the tutorial has it called in the JWT callback but we don't use that callback since we're persisting to firestore right? So is there a suggested implementation for either of these?

Thank you,
Alex

export async function removeExpiredSessions(
  limit: number = 100,
  asyncMax: number = 30
) {
  // Expired session deletion function, used for cron or api
  const adapter = FirebaseAdapter(db);

  const q = db
    .collection(`${ADAPTER_COLLECTION_NAME}/auth_store/session`)
    .where("expires", "<", new Date())
    .limit(limit);
  const expiredSessionDocs = await findMany(q);
  await asyncMap(
    expiredSessionDocs.map(
      (doc) => () =>
        adapter.deleteSession(doc.data().sessionToken) as Promise<void>
    ),
    asyncMax
  );
}

[fotoflo]

A little additional question - the refresh tutorial at https://next-auth.js.org/tutorials/refresh-token-rotation POSTs the refresh token to google... but i didnt see a refresh token in the data structure created by the adapter. Am I missing something?

Thanks again