next-auth is not working with Next 12.2.3 #5008
Comments
RafalFilipek
added
the
triage
|
I believe I ran into the same issue, downgrading to next 12.2.2 appears to have fixed my problem. Here is the middleware.ts I was using. import { withAuth } from 'next-auth/middleware';
export default withAuth({
callbacks: {
authorized: ({ token, req }) => {
if (!token) return false;
if (req.nextUrl.pathname.startsWith('/admin')) return token.isAdmin;
return true;
},
},
}); |
ThangHuuVu
added
middleware
|
I've tested next@12.2.3 and can confirm this is an issue, not sure about the root cause though. |
|
Hmm. @ThangHuuVu might be right. I am able to reproduce this starting with @joaogarin it's hard to say anything without a reproduction. If you think this issue is unrelated, I suggest opening a separate one with your repo to keep issues focused. 🙏 |
balazsorban44
added
bug
|
I'm having the same problem too. |
|
An update here, we've identified the issue in Next.js and are working on a fix. This should only affect local development, deployments to eg.: Vercel should work fine! |
|
Ran into this as well where it worked on Vercel but not locally. Also did not work on our Docker-ized production deployment to AWS. Cheers to all for the quick response. |
|
This issue seems to be exacerbated by using the wrong Node version. I had to downgrade to next 12.2.2 and make sure I'm using Node v14. (This is for standalone deployments in docker) |
Next v12.2.2 works for me with Node v16.16.0 and i was seemingly lucky not to require a lower Node version. With Next v12.2.3 I have the issues described in the thread. |
|
v12.2.2 doens't seem to work for me. This is only when using the custom pages. So, I create a custom layout (just copied from docs). With the login form supplied on the api routes, I am fine, and I am able to log in. |
|
Next 12.2.0 next-auth 4.10.2 working in local but not in Vercel. token returns null |
|
I debugged it into next auth code. The following error is thrown from jose: and catched here and null is returned: No idea what changed in next that this happened. The error is thrown when the payload is decrypted. But the secret and derived encryption key are the same. The token that is sent from the client is the same as the one received on the server. So that is pretty strange. Maybe the encryption is the problem? idk ^^ |
|
If this is an upstream issue @balazsorban44, is there an issue we can track on their end? |
Same here; everything works fine locally but not in Vercel. |
Did you manage to figure anything out talking to the Next.js team? |
Yes, you missed the response over here: #5008 (comment) |
|
@ChristianIvicevic thank you! Do you know if that is tracked to an issue from the Next.js team where we can get updates? |
|
Currently working for me, local & Vercel, with the following versions: node.js: middleware.ts |
@balazsorban44 do you have any news regarding this?
According to jwt.io decoder the body is invalid JSON, which is the same reason the I've been writing the main parts of my debugging in the discussion #5074 EDIT: |
|
The problem is probably the fact that now Next.js is loading |
|
I'm getting an infinite redirect using the basic usage guidance. Dependencies"dependencies": {
"@next-auth/prisma-adapter": "1.0.4",
"@prisma/client": "4.1.1",
"next": "12.2.2",
"next-auth": "4.10.3",
"react": "18.2.0",
"react-dom": "18.2.0"
}Environmentmiddleware.tsexport { default } from 'next-auth/middleware'; |
Had a similar issue with Dockerized deployment to AWS, I had to downgrade to |
i'm trying to downgrade version next to 12.2.2 but function getToken still return null |
Same here, I am new to nodeJS, next etc.. I come from the Java world so I know what I am doing but I've been pulling my hair trying to resolve this and downgrading doesn't solve the issue. |
|
@balazsorban44 any idea when this will be released? |
|
Next.js does daily or bi-daily releases to canary so likely today or tomorrow. |
|
|
|
If anyone interested in making sure this won't happen in the future, it would be cool to add a cron job/ github action in our CI to ensure we discover issues like this early on, by running tests against the latest |
|
After installing canary [...nextauth].ts file : |
|
|
|
None of the canary are solving the issue for me, still getting a null token every time, but the canary.4 does breaks the system. What steps do you follow to make it work with canary.3? I'm changing package to I have the following middleware. |
|
Upgrade to next latest 12.2.5 seem solve the problems. |
|
I was using database sessions and had problems with next@12.2.5, but switching to jwt strategy solved the problem |
|
I'm still running into this issue not matter what versions of either package I run; is it something that is cached in Vercel and I can't get around? I'm at a loss now, this has been about 2 weeks of work trying everything I can to get it fixed and still not finding a workable solution. |
|
@thejessewinton I have the same problem. I 12.2.5, 12.2.2, a bunch of canaries. none of them seems to work |
|
I confirm that upgrading next (from 12.2.2, not working) to 12.2.5 fixes this issue. I was using Twitter provider.
import { withAuth } from 'next-auth/middleware';
export default withAuth(
// `withAuth` augments your `Request` with the user's token.
function middleware(req) {
console.log(req.nextauth.token); // This was null in 12.2.2, and working in 12.2.5
},
{
callbacks: {
authorized: ({ token }) => {
// This is to only allow access to these Twitter user ids.
return ['44196397', '15540222'].includes(token?.sub); // Elon Musk & Guillermo Rauch (NextJS creator), welcome :)
},
},
}
);
export const config = { matcher: ['/movies/:path*'] };
/* eslint-disable no-param-reassign */
import type { NextAuthOptions } from 'next-auth';
import NextAuth from 'next-auth';
import TwitterProvider from 'next-auth/providers/twitter';
export const authOptions: NextAuthOptions = {
providers: [
TwitterProvider({
clientId: process.env.TWITTER_CONSUMER_KEY!,
clientSecret: process.env.TWITTER_CONSUMER_SECRET!,
}),
],
pages: {
signIn: '/auth/signin',
},
session: {
strategy: 'jwt',
maxAge: 90 * 24 * 60 * 60, // 90 days, change it as you like
},
callbacks: {
async jwt({ token, user }) {
if (user) {
token.sub = user.id;
}
return token;
},
async session({ session, token }) {
if (token) {
session.user = token;
}
return session;
},
},
};
export default NextAuth(authOptions); |
|
I had this same issue but I fixed it by adding |
Kind of off-topic, but I highly discourage using .env files, especially with prod secrets, in your files or repository. |
|
@ChristianIvicevic I agree. It's just a small hobby site and proof of concept work to see if I can get the app deployed as a first-time Next.js user. I'll refactor it now, but the documentation never mentions this being an issue so it's a little misleading if anyone tries to use |
We had the same issue. We generate our .env files from an encrypted file in our git (for DX and vercels (old) 4KB env var limit reason) right after yarn install. .env files are not supported in vercels edge functions and therefore vercels middleware (see https://vercel.com/docs/concepts/functions/edge-middleware/limitations). We solved this by generating not an .env file but a .env.ts file which we require in our middleware. |
|
I started up a brand new create next app completely stock and ran it on version 12.2.2 it didn't work but it did on 12.3.4 so give it a shot. |
|
This is not working in next v13.1.6 |
I am facing the same problem in this version. The token returns null. I noticed when removing the adapter: PrismaAdapter(prisma) works. Because the JWT token appears on the client side. And when you have the adpter, the token persists in the database, which is not found by the middleware |
|
same @abeledovictor and @marlon307 but wrapping the middleware with |
|
hey mate can u elaborate on this? do you mean to import |
dealt with the same issue running next v13.2.4 what fixed it was adding the following into my credits to: https://stackoverflow.com/questions/75731964/next-auth-middleware-and-protected-folder/75732207#75732207 |
version next and next-auth code example Adding |
and others
Environment
Reproduction URL
https://github.com/RafalFilipek/next-auth-bug
Describe the issue
After login, you get login page again. Cookies are set and everything looks good. But you can't access your app. It works with
12.2.2and below.How to reproduce
https://github.com/RafalFilipek/next-auth-bug[...nextauth].tsExpected behavior
Login process should work as expected.
The text was updated successfully, but these errors were encountered: