Custom basePath not working in Vercel

[kldavis4]

Environment

It is possible to use a custom base path for the auth handler endpoint in a local environment by setting the NEXTAUTH_URL to the full path (https://next-auth.js.org/configuration/options#nextauth_url), but when deployed to Vercel, there is no way to configure the custom base path and NEXTAUTH_URL is ignored.

Reproduction URL

https://github.com/kldavis4/nextauth-custom-path-issue

Describe the issue

In the reproduction project, I have moved the auth endpoint from /api/auth to /api/foobar/auth. I've setup a discord auth provider and specified the NEXTAUTH_URL=http://localhost:3000/api/foobar/auth. With this setup, I am able to successfully login using discoard oauth. If I deploy the project to Vercel, the login form action has the default base path, and not the one specified in the NEXTAUTH_URL.

It seems like the culprit is detectOrigin which will return the full NEXTAUTH_URL when not running in Vercel, but only return the protocol+host in Vercel. There should be a way to configure the custom base path or detectOrigin should respect the path specified in NEXTAUTH_URL regardless of whether it is in Vercel.

How to reproduce

• Clone the reproduction repository. Install deps (pnpm i).
• Create .env.local and populate it with env vars for an oauth provider and update the auth.ts to specify the auth provider being used.
• Set NEXTAUTH_URL=http://localhost:3000/api/foobar/auth in .env.local.
• Run the project locally pnpm run dev and verify it is possible to login
• Add VERCEL=1 to .env.local and run the project again and verify that it is no longer possible to login

Expected behavior

Using a custom base path should work whether running in Vercel or not.

[NikitaKlimuk]

Hello, were you able to solve this problem?
I'm having the same problem right now with a redirect that only works on localhost

[kldavis4]

Hello, were you able to solve this problem? I'm having the same problem right now with a redirect that only works on localhost

I have not - let me know if you find a way to work around it

[NikitaKlimuk]

Hi, I was able to change the default base path api/auth to next/api/auth (the first option was occupied by my backend server). In my case I had to move nextauth config to app routing (route.ts).

NEXTAUTH_URL=http://localhost:3000/next/api/auth

Also had to make changes to the file structure (src/app/next/api/auth/[...nextauth]/route.ts)

At some point the redirect worked and everything worked.

[RonnenPodolsky]

Can someone look into this? next auth v4
It's clear there is a problem

http://localhost:3000/api/authNext/providers switching on and off VERCEL=1,

{"google":{"id":"google","name":"Google Contacts and Calendar","type":"oauth","signinUrl":"http://localhost:3000/api/authNext/signin/google","callbackUrl":"http://localhost:3000/api/authNext/callback/google"}}

vs

{"google":{"id":"google","name":"Google Contacts and Calendar","type":"oauth","signinUrl":"https://localhost:3000/api/auth/signin/google","callbackUrl":"https://localhost:3000/api/auth/callback/google"}} (prod, despite having basePath configured as required and sending NEXTAUTH_URL as env variable in vercel)