From df17bc3b25ec71b82131f4888724d673e929cd34 Mon Sep 17 00:00:00 2001
From: ekzyis <ek@stacker.news>
Date: Tue, 25 Mar 2025 12:25:55 -0500
Subject: [PATCH] Use MULTI_AUTH_REGEXP to test for multi auth keys (#2020)

---
 lib/auth.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/auth.js b/lib/auth.js
index 44673c20..fa4d97f4 100644
--- a/lib/auth.js
+++ b/lib/auth.js
@@ -149,7 +149,7 @@ async function refreshMultiAuthCookies (req, res) {
     // only refresh session cookie manually if we switched to anon since else it's already handled by next-auth
     if (key === SESSION_COOKIE && !isAnon) continue
 
-    if (!key.startsWith(MULTI_AUTH_LIST) && key !== SESSION_COOKIE) continue
+    if (!MULTI_AUTH_REGEXP.test(key) && key !== SESSION_COOKIE) continue
 
     if (MULTI_AUTH_JWT_REGEXP.test(key) || key === SESSION_COOKIE) {
       const oldToken = value