Closed nirazanbasnet closed 1 year ago
I checked your code, where is the authorize/login pointing to? It seems as if that code in not the rep. Look at the next-auth database adapters. Also next-auth works great with social login. See the demo here: https://next-auth-example.vercel.app/
hi @mshd, thanks for the response. We have another auth server and don't have direct access to database. hence unable to use next-auth database adapters. Hence we are calling login API from next-auth API using the "Credentials provider". You can check here in this file (Line number 19) :
It sounds like some kind of caching issue. Sessions between different users cannot reach other devices unless you have cached the session response. Make sure it's not the case!
If it's the same machine, NextAuth.js has a 30 days session expiry by default, unless the user explicitly logs out earlier. You can change the max session age as shown in the docs https://next-auth.js.org/configuration/options#session
hi @balazsorban44 you can check the codebase in github. there is no cache or something as such implemented. its just a simple standard code as mentioned in next-auth documentation.
Files to look into the code:
I tried deploying the same code/repo in netlify and a custom vps server. its working fine there.
But only in vercel, the session is being shared. (here session shared means if one user logged in from any device, and then another user logged in from another (or same, no matter what) device, the second user will receive the profile information of first user).
hi @balazsorban44 you can check the codebase in github. there is no cache or something as such implemented. its just a simple standard code as mentioned in next-auth documentation.
Files to look into the code:
- [...next-auth].ts https://github.com/puncoz/nextjs-nextauth-laravel-login/blob/main/src/pages/api/auth/%5B...nextauth%5D.ts
- _app.ts https://github.com/puncoz/nextjs-nextauth-laravel-login/blob/main/src/pages/_app.tsx
- login.tsx https://github.com/puncoz/nextjs-nextauth-laravel-login/blob/main/src/pages/login.tsx
- profile.tsx https://github.com/puncoz/nextjs-nextauth-laravel-login/blob/main/src/pages/profile.tsx
I tried deploying the same code/repo in netlify and a custom vps server. its working fine there.
But only in vercel, the session is being shared. (here session shared means if one user logged in from any device, and then another user logged in from another (or same, no matter what) device, the second user will receive the profile information of first user).
did you solve this issue? i have same issue with hostinger vps.
Environment
System: Vercel production Binaries: Node: 14.19.1 - ~/.nvm/versions/node/v14.19.1/bin/node Yarn: 1.22.18 - ~/.nvm/versions/node/v14.19.1/bin/yarn npm: 8.12.2 - ~/.nvm/versions/node/v14.19.1/bin/npm Browsers: Brave Browser: 104.1.42.88 Chrome: 104.0.5112.79 Safari: 15.6 npmPackages: next: ^12.0.9 => 12.2.4 next-auth: ^4.10.3 => 4.10.3 react: 17.0.2 => 17.0.2
Reproduction URL
https://nextjs-nextauth-laravel-login.vercel.app/
Describe the issue
I used
const session = await unstable_getServerSession(req, res, authOptions);
on serverSideProps to get the session. But the session is shared on deploying production to Vercel. So it is misbehaving on the login module.These are two users' credentials. Whenever we log in from the account, the session is shared which is causing misbehavior on the login module by using the next-auth API route.
You can access the code here: https://github.com/puncoz/nextjs-nextauth-laravel-login
How to reproduce
URL: https://nextjs-nextauth-laravel-login.vercel.app/
username: er.nirajan.basnet@gmail.com password: password123
username: nirajan.basnet@webo.digital password: password123
For the account that logs in to the system, the session is shared until the previous account logout.
Expected behavior
The two different accounts must have different sessions and sessions should not have shared.