Multi Session

The multi-session plugin lets one browser hold multiple signed-in accounts at the same time. It keeps a signed session_list cookie of every session, while the normal session-token cookie points at the active one. Users can list, switch, and revoke the stored sessions without re-authenticating.

Installation

from kernia import KerniaOptions
from kernia.auth import init
from kernia.plugins.multi_session import multi_session

auth = init(KerniaOptions(
    database=adapter,
    secret=os.environ["KERNIA_SECRET"],
    base_url=os.environ["KERNIA_BASE_URL"],
    plugins=[multi_session(maximum=5)],
))

import { createAuthClient } from "better-auth/client";
import { multiSessionClient } from "better-auth/client/plugins";

export const authClient = createAuthClient({
  baseURL: "/api/auth",
  plugins: [multiSessionClient()],
});

Usage

List device sessions

const { data } = await authClient.multiSession.listDeviceSessions();

Returns the sessions stored in this browser — render them as an account switcher.

Switch the active session

await authClient.multiSession.setActive({ sessionToken: "session-token" });

Repoints the session-token cookie at another stored session.

Revoke a session

await authClient.multiSession.revoke({ sessionToken: "session-token" });

Removes that session from the device and updates the session_list cookie.

Options

Schema

No tables are added. The plugin reads existing session rows and maintains the signed better-auth.session_list cookie. This is a browser convenience layer — server-side revocation still applies.