RootCauseunvalidated

calls `setSessionCookie(ctx, ...)` → `ctx.setSignedCookie()` → `cookies().set()`. Tension: In Next.js 15, `cookies().set()` throws in Server Components — only allowed in Route Handlers and Server Actions. Outcome: Found the escape hatch at line 211: `ctx.query?.disableRefresh` — when truthy, getSession returns the session without attempting the cookie write.

a4752b8f-a921-4e94-9ef2-5f1d9cce4a3a

calls setSessionCookie(ctx, ...) → ctx.setSignedCookie() → cookies().set(). Tension: In Next.js 15, cookies().set() throws in Server Components — only allowed in Route Handlers and Server Actions. Outcome: Found the escape hatch at line 211: ctx.query?.disableRefresh — when truthy, getSession returns the session without attempting the cookie write.