How to refresh user session automatically when using @supabase/ssr

[dule-kitemetric]

I've implemented Supabase Auth in NestJS using @supabase/ssr package, version 0.3.0.
Each request will go through my SupabaseMiddleware before moving to another step of the request's lifecycle.

import { Injectable, NestMiddleware } from '@nestjs/common';
import { createServerClient } from '@supabase/ssr';
import { SupabaseClient } from '@supabase/supabase-js';
import { NextFunction, Request, Response } from 'express';

import { SupabaseService } from '@/modules/shared/supabase/supabase.service';

@Injectable()
export class SupabaseMiddleware implements NestMiddleware {
  constructor(
    private readonly configService: ConfigService,
    private readonly supabaseService: SupabaseService
  ) {}

  async use(req: Request, res: Response | undefined, next: NextFunction) {
    const supabaseClient: SupabaseClient = createServerClient(
     'SUPABASE_URL',
     'SERVICE_ROLE_KEY',
      {
        cookies: {
          get: (key) => {
            const cookies = req.cookies;
            const cookie = (cookies[key] ?? '') as string;
            return decodeURIComponent(cookie);
          },
          set: (key, value, options) => {
            res?.cookie(key, encodeURIComponent(value), {
              ...options,
              sameSite: 'Lax',
              httpOnly: true,
            });
          },
          remove: (key, options) => {
            res?.cookie(key, '', { ...options, httpOnly: true });
          },
        },
      }
    );

    this.supabaseService.setAuthClient(supabaseClient.auth);

    next();
  }
}

Problem: When user session is expired, Supabase Auth try to refresh user session (set cookies via response), which sometimes leads to error [ERR_HTTP_HEADERS_SENT]: Cannot set headers after they are sent to the client (attached image)

Cause: Supabase Auth handles refresh session asynchronously. For requests taking little time, controller/service will return response to FE before Supabase Auth has done updating user session cookie (via response)

Question: Is there a way to handle this problem? I want when user session expired, my app automatically refresh session without redirect to login page