You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It is possible to use a custom base path for the auth handler endpoint in a local environment by setting the NEXTAUTH_URL to the full path (https://next-auth.js.org/configuration/options#nextauth_url), but when deployed to Vercel, there is no way to configure the custom base path and NEXTAUTH_URL is ignored.
In the reproduction project, I have moved the auth endpoint from /api/auth to /api/foobar/auth. I've setup a discord auth provider and specified the NEXTAUTH_URL=http://localhost:3000/api/foobar/auth. With this setup, I am able to successfully login using discoard oauth. If I deploy the project to Vercel, the login form action has the default base path, and not the one specified in the NEXTAUTH_URL.
It seems like the culprit is detectOrigin which will return the full NEXTAUTH_URL when not running in Vercel, but only return the protocol+host in Vercel. There should be a way to configure the custom base path or detectOrigin should respect the path specified in NEXTAUTH_URL regardless of whether it is in Vercel.
How to reproduce
Clone the reproduction repository. Install deps (pnpm i).
Create .env.local and populate it with env vars for an oauth provider and update the auth.ts to specify the auth provider being used.
Set NEXTAUTH_URL=http://localhost:3000/api/foobar/auth in .env.local.
Run the project locally pnpm run dev and verify it is possible to login
Add VERCEL=1 to .env.local and run the project again and verify that it is no longer possible to login
Expected behavior
Using a custom base path should work whether running in Vercel or not.
The text was updated successfully, but these errors were encountered:
kldavis4
added
bug
Something isn't working
triage
Unseen or unconfirmed by a maintainer yet. Provide extra information in the meantime.
labels
Oct 11, 2023
Hi, I was able to change the default base path api/auth to next/api/auth (the first option was occupied by my backend server). In my case I had to move nextauth config to app routing (route.ts).
Environment
It is possible to use a custom base path for the auth handler endpoint in a local environment by setting the NEXTAUTH_URL to the full path (https://next-auth.js.org/configuration/options#nextauth_url), but when deployed to Vercel, there is no way to configure the custom base path and NEXTAUTH_URL is ignored.
Reproduction URL
https://github.com/kldavis4/nextauth-custom-path-issue
Describe the issue
In the reproduction project, I have moved the auth endpoint from
/api/auth
to/api/foobar/auth
. I've setup a discord auth provider and specified theNEXTAUTH_URL=http://localhost:3000/api/foobar/auth
. With this setup, I am able to successfully login using discoard oauth. If I deploy the project to Vercel, the login form action has the default base path, and not the one specified in the NEXTAUTH_URL.It seems like the culprit is detectOrigin which will return the full NEXTAUTH_URL when not running in Vercel, but only return the protocol+host in Vercel. There should be a way to configure the custom base path or detectOrigin should respect the path specified in NEXTAUTH_URL regardless of whether it is in Vercel.
How to reproduce
pnpm i
).NEXTAUTH_URL=http://localhost:3000/api/foobar/auth
in .env.local.pnpm run dev
and verify it is possible to loginVERCEL=1
to .env.local and run the project again and verify that it is no longer possible to loginExpected behavior
Using a custom base path should work whether running in Vercel or not.
The text was updated successfully, but these errors were encountered: