search

boxyhq / saas-starter-kit

🔥 Enterprise SaaS Starter Kit - Kickstart your enterprise app development with the Next.js SaaS boilerplate 🚀
https://boxyhq.com/blog/enterprise-ready-saas-starter-kit
Apache License 2.0
3.24k stars 732 forks source link

authentication_failed even though the call was successful #1377

Closed kacamific closed 3 months ago

kacamific commented 3 months ago

The website is referred via domain name and the solution is running behind nginx and I am getting the following error even though the backend API call was successful.

HTTP-Code: 401
Message: {"code":"authentication_failed","detail":"Invalid token. Have you set the correct server URL?"}

this happens only when fetch is used.

const response = await fetch(`/api/teams....

Do you have any hint where should I further check to find the issue?

deepakprabhakara commented 3 months ago

@kacamific Could you please elaborate a bit more on the setup and where that request is being made, that error message doesn't seem to be coming from saas-starter-kit as far as we can see.

kacamific commented 3 months ago

Godaddy domain is configured to sending requests to server which is running nginx. The nginx is used as proxy to forward the request to the localhost:3000 where saas-starter-kit is running. Nginx is used as SSL terminator. The configuration as following in conf.d

server {
    server_name <domain>;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Host $server_name;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_set_header Upgrade $http_upgrade;  
        proxy_set_header Connection "upgrade"; 
        proxy_connect_timeout 600;
        proxy_send_timeout 600;
        proxy_read_timeout 600;
        send_timeout 600;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    listen 443 ssl;
    ssl_certificate /etc/letsencrypt/live/<domain>/fullchain.pem; 
    ssl_certificate_key /etc/letsencrypt/live/<domain>/privkey.pem; 
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
    if ($host = <domain>) {
        return 301 https://$host$request_uri;
    } 

    listen 80;
    server_name <DNS>;
    return 404; 
}

Does this help?

deepakprabhakara commented 3 months ago

Are you passing all the headers through in nginx?

kacamific commented 3 months ago

to my knowledge, yes

kacamific commented 3 months ago

The strange part is the the operations are done properly on the server side, I thought maybe NextAuthjs has something to do thats why I asked

deepakprabhakara commented 3 months ago

Doesn't seem to be coming from nextauthjs at first glance given that the request completes. You will have to trace the full request to figure out which layer is attaching that error.

niwsa commented 3 months ago

@kacamific Saw a similar issue here https://github.com/nextauthjs/next-auth/discussions/4004#discussioncomment-3383677 Could you give it a try ?

kacamific commented 3 months ago

I tried it and did not work for me.

kacamific commented 3 months ago

I found this: https://github.com/svix/svix-cli/issues/76 But I am not using svix...

kacamific commented 3 months ago

Solved the issue, I had set by mistake the api key for svix which was "activating" the sendEvent. Thnx for taking the time and answering.

deepakprabhakara commented 3 months ago

Aah good to know, glad it's solved.