feature/add customize auth handlers docs #2218
Open
+177
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #2218 +/- ##
=======================================
Coverage 85.01% 85.01%
=======================================
Files 24 24
Lines 2309 2309
Branches 429 429
=======================================
Hits 1963 1963
Misses 340 340
Partials 6 6 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
@guabu does this look right? |
nandan-bhat
approved these changes
Jul 15, 2025
guabu
reviewed
Jul 15, 2025
|
|
||
| ## Customizing Auth Handlers | ||
|
|
||
| In v4, authentication routes (`/auth/login`, `/auth/logout`, `/auth/callback`) are handled automatically by the middleware. While you can no longer customize individual route handlers directly like in v3, you can intercept these routes in your middleware to run custom logic before the auth handlers execute. |
There was a problem hiding this comment.
Do we need to mention older versions in the README? It feels more appropriate to leave those to the migration guide where it's more relevant.
|
|
||
| ### Run custom code before Auth Handlers | ||
|
|
||
| Following example shows how to run custom logic before the `logout` handler: |
There was a problem hiding this comment.
This would actually be running after the logout handler but before the response is sent to the user
Comment on lines
+1298
to
+1299
| // "/your/login/returnTo/url" : intercept redirect after login | ||
| // "/your/logout/returnTo/url" : intercept redirect after logout |
Comment on lines
+1305
to
+1322
| // do custom stuff | ||
| console.log("Pre-logout code") | ||
|
|
||
| // Example: Set a cookie | ||
| authRes.cookies.set('myCustomCookie', 'cookieValue', { path: '/' }); | ||
| // Example: Set another cookie with options | ||
| authRes.cookies.set({ | ||
| name: 'anotherCookie', | ||
| value: 'anotherValue', | ||
| httpOnly: true, | ||
| path: '/', | ||
| }); | ||
|
|
||
| // Example: Delete a cookie | ||
| // authRes.cookies.delete('cookieNameToDelete'); | ||
|
|
||
| // you can also do an early return here with your own NextResponse object | ||
| // return NextResponse.redirect(new URL('/custom-logout-page')); |
There was a problem hiding this comment.
nit (feel free to ignore): I would simplify the example to keep it concise
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes: #1895
Adds documentation about customizing auth handlers at various parts of authentication:
Includes example and prose