session hook that provides token for API and requires one POST

[pke]

In my app the user get assigned a temporary session as long as she is not logged it.
The sessions id needs to be handed to all the fetchers as an argument (which will end up in a header).

When the user logs in, she gets a new a new session id as the response and this has then to be used across all fetchers. So for "hystorical raisons" each get/post request needs a session id header param, even when logging in (using a temporary session UUID created on the client).

As a tricky bonus the /order endpoint can be used with either a temporary or user session ID.

I would also like to prevent swr from fetching /user if the session ID is temporary and not a user session (which is determined by the session response containing user field).

function useSession() {
  const { data: session, mutate } = useSWR("/session")
  
  async function login(email, password) {
    // Here it must use the temp session id
    const loginSession = await post("/login", session.id, { email, password })
    mutate(loginSession)
  }

 return {
   session,
   login,
   logout
 }
}

function useUser() {
  const { session, logout } = useSession()
  const { data: user } = useSWR(session.user ? ["/user", session.id] : null, get)

  return {
    user,
    logout,
  }
}

function useOrder() {
  const { session } = useSession()
  const { data: order } = useSWR(["/order, session.id], get)

  return {
    order
  }
}

I am struggling to find out when to create the temp session UUID and how to make the switch to the user session ID once she logged it.