Closed khteh closed 1 year ago
We cannot recreate the issue with the provided information. Please add a reproduction in order for us to be able to investigate.
incomplete
label?To be able to investigate, we need access to a reproduction to identify what triggered the issue. We prefer a link to a public GitHub repository (template), but you can also use a tool like CodeSandbox or StackBlitz.
To make sure the issue is resolved as quickly as possible, please make sure that the reproduction is as minimal as possible. This means that you should remove unnecessary code, files, and dependencies that do not contribute to the issue.
Please test your reproduction against the latest version of NextAuth.js (next-auth@latest
) to make sure your issue has not already been fixed.
Ensure the link is pointing to a codebase that is accessible (e.g. not a private repository). "example.com", "n/a", "will add later", etc. are not acceptable links -- we need to see a public codebase. See the above section for accepted links.
Issues with the incomplete
label that receives no meaningful activity (e.g. new comments with a reproduction link) are automatically closed and locked after 30 days.
If your issue has not been resolved in that time and it has been closed/locked, please open a new issue with the required reproduction.
Anyone experiencing the same issue is welcome to provide a minimal reproduction following the above steps. Furthermore, you can upvote the issue using the :+1: reaction on the topmost comment (please do not comment "I have the same issue" without repro steps). Then, we can sort issues by votes to prioritize.
We look into every NextAuth.js issue and constantly monitor open issues for new comments.
However, sometimes we might miss one or two. We apologize, and kindly ask you to refrain from tagging core maintainers, as that will usually not result in increased priority.
Upvoting issues to show your interest will help us prioritize and address them as quickly as possible. That said, every issue is important to us, and if an issue gets closed by accident, we encourage you to open a new one linking to the old issue and we will look into it.
Using .env.local
works but NOT with next.config.js
:
const config = require('config')
module.exports = {
env: {
NEXTAUTH_SECRET: config.get('NEXTAUTH_SECRET'),
NEXTAUTH_URL: config.get('NEXTAUTH_URL'),
DUENDE_IDS6_ISSUER: config.get('DUENDE_IDS6_ISSUER'),
DUENDE_IDS6_CLIENT_ID: config.get('DUENDE_IDS6_CLIENT_ID'),
DUENDE_IDS6_CLIENT_SECRET: config.get('DUENDE_IDS6_CLIENT_SECRET'),
}
}
Using next.config.js
(especially for secrets!) is not recommended as they will be part of the client bundle, as documented:
Note: environment variables specified in this way will always be included in the JavaScript bundle, prefixing the environment variable name with NEXTPUBLIC only has an effect when specifying them through the environment or .env files.
https://nextjs.org/docs/api-reference/next.config.js/environment-variables
I recommend using .env.local
for all variables instead.
_A kind reminder, you have posted 10 issues recently, all without a proper reproduction. http://localhost:3000
is not a reproduction. We need to see your code to investigate in most cases. If you have project-specific questions (like many of the opened issues), please use Discussuions instead._ The issue tracker is for reporting bugs.
I am having issues with this with the latest version 4.20.1 and while running in a docker container.
I am using
NEXTAUTH_URL_INTERNAL=http://nextjs:3000
as my docker name is nextjs it was working find when using 4.10.3. Tried to upgrade and bam things broke.
I wouldn't consider this as a closed issue. I also stepped into this bug, the NEXTAUTH_URL
is not anyhow secret variable, which we may not use as part of nextjs config. I have a use case where I want to put NEXTAUTH_URL
into nextjs config.
I have this in my logs (localhost):
[next-auth][warn][DEBUG_ENABLED]
https://next-auth.js.org/warnings#debug_enabled
- error TypeError [ERR_INVALID_URL]: Invalid URL
at new NodeError (node:internal/errors:399:5)
at new URL (node:internal/url:560:13)
at Object.redirect (webpack-internal:///(sc_server)/./node_modules/next-auth/core/lib/default-callbacks.js:12:18)
at createCallbackUrl (webpack-internal:///(sc_server)/./node_modules/next-auth/core/lib/callback-url.js:10:39)
at init (webpack-internal:///(sc_server)/./node_modules/next-auth/core/init.js:131:91)
at AuthHandler (webpack-internal:///(sc_server)/./node_modules/next-auth/core/index.js:138:57)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async NextAuthRouteHandler (webpack-internal:///(sc_server)/./node_modules/next-auth/next/index.js:49:30)
at async NextAuth._args$ (webpack-internal:///(sc_server)/./node_modules/next-auth/next/index.js:83:24)
at async eval (webpack-internal:///(sc_server)/./node_modules/next/dist/server/future/route-modules/app-route/module.js:265:37) {
input: 'null',
code: 'ERR_INVALID_URL'
}
I have this in my .env.local:
NEXTAUTH_SECRET=SOMETHING_HERE
NEXTAUTH_URL=http://localhost:3000
My next.config.js does not have any env vars
This is my route.ts file (app router):
import GoogleProvider from "next-auth/providers/google";
export const authOptions = {
providers: [
GoogleProvider({
clientId: process.env.GOOGLE_CLIENT_ID as string,
clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
}),
],
pages: {
signIn: "/signin",
signOut: "/",
},
debug: true,
secret: process.env.NEXTAUTH_SECRET as string,
};
const handler = NextAuth(authOptions);
export { handler as GET, handler as POST };
I am trying to have my http server be accessible via proxy
npx local-ssl-proxy --source 3001 --target 3000
Since I have to do some hack for instagram OAUTH, but sinve my server is actually on http, all my sessions break because all my redirect urls are going to http in local development
is there some way to always force https using this library?
Environment
System: OS: Linux 5.19 Ubuntu 22.10 22.10 (Kinetic Kudu) CPU: (20) x64 12th Gen Intel(R) Core(TM) i7-12800H Memory: 47.11 GB / 62.48 GB Container: Yes Shell: 5.2.2 - /bin/bash Binaries: Node: 19.6.0 - /usr/local/bin/node Yarn: 1.22.19 - /usr/local/bin/yarn npm: 9.4.0 - /usr/local/bin/npm Browsers: Chrome: 110.0.5481.100 Firefox: 110.0
Reproduction URL
https://github.com/nextauthjs/next-auth-example Any value other than https://localhost:3000
Describe the issue
I have both
NEXTAUTH_URL
andNEXTAUTH_URL_INTERNAL
defined ashttps://localhost:4434
but clicking the sign in button keeps redirecting tohttp://localhost:3000/api/auth/signin/<provider>
"next-auth": "^4.19.2",
Console log:
How to reproduce
You can reproduce yourself!
Expected behavior
NEXTAUTH_URL
andNEXTAUTH_SECRET
should be read fromnext.config.js