Edge CSRF protected error #35

misway · 2023-07-19T06:01:26Z

misway
Jul 19, 2023

Hello,

Testing on localhost is fine, but after deploying to Cloudflare, an error occurs with the JS Sign In functionality, attempting to log in using Native Link Sign In results in the error message:
{"url":"/api/auth/signin/google","statusCode":500,"statusMessage":"","message":"CSRF protected","stack":""}.

I've tried both Google and Facebook login, and the same issue happens with both.

Repo: https://github.com/misway/authjs-test
Cloudflare pages build from this repo: https://authjs-test.pages.dev/

Any suggestions? Thank you.

Answered by Hebilicious

Jul 19, 2023

You need to set the baseUrl to your deployed website URL, otherwise the CSRF protection will prevent the callback from working.

View full answer

Hebilicious · 2023-07-19T08:17:44Z

Hebilicious
Jul 19, 2023
Maintainer

@misway Please provide a reproduction and make sure to use the latest version (0.1.7)

3 replies

misway Jul 19, 2023
Author

I have added the reproduction link already. Thank you.

Hebilicious Jul 19, 2023
Maintainer

You need to set the baseUrl to your deployed website URL, otherwise the CSRF protection will prevent the callback from working.

Answer selected by misway

misway Jul 19, 2023
Author

Thank you, it works!

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Edge CSRF protected error #35

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 1 comment 3 replies

{{title}}

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

Select a reply

Edge CSRF protected error #35

misway Jul 19, 2023

Replies: 1 comment · 3 replies

Hebilicious Jul 19, 2023 Maintainer

misway Jul 19, 2023 Author

Hebilicious Jul 19, 2023 Maintainer

misway Jul 19, 2023 Author

misway
Jul 19, 2023

Replies: 1 comment 3 replies

Hebilicious
Jul 19, 2023
Maintainer

misway Jul 19, 2023
Author

Hebilicious Jul 19, 2023
Maintainer

misway Jul 19, 2023
Author