auth.origin setting in nuxt.config.ts is not working with next-auth@4.22

[ncperng]

Environment

• Operating System: Darwin
• Node Version: v16.14.0
• Nuxt Version: 3.2.3
• Nitro Version: 2.2.3
• Package Manager: yarn@1.22.19
• Builder: vite
• User Config: runtimeConfig, app, vite, modules, auth, dayjs, i18n
• Runtime Modules: @nathanchase/nuxt-dayjs-module@1.0.11, @nuxtjs/i18n@8.0.0-beta.10, @sidebase/nuxt-auth@0.5.0, formidable@3.2.5
• Build Modules: -

Reproduction

No response

Describe the bug

After installing next-auth@4.22 and using GoogleProvider in /api/auth/[...].ts, there will be a warning message when starts up:

[next-auth][warn][NEXTAUTH_URL] https://next-auth.js.org/warnings#nextauth_url

And when using SignIn() in custom login page, Google will redirect me to the error page "redirect_uri_mismatch". It also finds the http request to Google carries redirect_uri: http://localhost:3000/api/auth/callback/google, even the auth.origin is set in nuxt.config.ts.

Additional context

No response

Logs

No response

[Q16solver]

origin settings is also not typechecked with 0.6.0.alpha.2, something wrong with the settings defined I suppose

[modbender]

Same problem

[simonsax]

+1

[asbermudez]

+1 in my case using Auth0

[BracketJohn]

Hey everyone!

As a quick workaround you can export NEXTAUTH_URL! Right now my time is sadly quite limited. If you just want to use the next-auth / auth.js provider I suggest to use 0.5 until 0.6 has become stable, thanks!

[asbermudez]

@BracketJohn for me it worked by adding next-auth as dev dependency and force the version to 4.21.1 while using the 0.6.0-beta.0 of nuxt-auth. So clearly something happened in next-auth v4.22.x

[Natronick]

Hi everyone! @BracketJohn what do you think about adding this line after: https://github.com/sidebase/nuxt-auth/blob/0.5.0/src/runtime/server/services/nuxtAuthHandler.ts#L101:

process.env.NEXTAUTH_URL = origin;

[v-js-d]

Same problem, if you go back to version "@sidebase/nuxt-auth": "^0.5.0", the problem still remains

[baboon-king]

add to .env file as to fix it at now

AUTH_ORIGIN="http:localhost:3000"

[v-js-d]

add to .env file as to fix it at now

AUTH_ORIGIN="http:localhost:3000"

this is not the problem, it seems to me that @sidebase/nuxt-auth does not work well with GraphQL

[WhatzzUp]

have the same issue with "next-auth": "^4.22.3" and "@sidebase/nuxt-auth": "^0.5.0",

  auth: {
    enableGlobalAppMiddleware: true,
    origin: process.env.AUTH_ORIGIN,
  },

even hardcoded, origin has zero effect to the redirect_uri in my auth0 flow.

Cant use this module in production - has anyone made it work?

[asbermudez]

@WhatzzUp I have it working on prod currently, my nuxt config is as follows:

Edit: I am using version "@sidebase/nuxt-auth": "^0.6.0-beta.3",

{
  auth: {
      isEnabled: true,
      provider: {
        type: 'authjs',
        defaultProvider: 'auth0',
      },
      globalAppMiddleware: {
        isEnabled: true,
      },
    },
}

Then in my '/auth/[...].ts' I have the following:

import Auth0Provider from 'next-auth/providers/auth0';
import { NuxtAuthHandler } from '#auth';

const config = useRuntimeConfig();

export default NuxtAuthHandler({
  pages: {
    signIn: '/login',
    signOut: '/logout',
  },
  secret: config.auth0.appSecret,
  providers: [
    // @ts-expect-error You need to use .default here for it to work during SSR. May be fixed via Vite at some point
    Auth0Provider.default({
      clientId: config.public.auth0.clientId,
      clientSecret: config.auth0.clientSecret,
      issuer: config.public.auth0.domain,
      checks: 'pkce',
      authorization: {
        params: config.public.auth0.organization
          ? {
              scope: 'openid email profile offline_access',
              organization: config.public.auth0.organization,
            }
          : {
              scope: 'openid email profile offline_access',
            },
      },
    }),
  ],
});

And finally in my .env file

# NodeJS env variables
## More authentication origin (because reasons)
AUTH_ORIGIN=http://localhost:3000

## Authorization with Auth0 (https://www.auth0.com)
NUXT_PUBLIC_AUTH0_CLIENT_ID=YourClientID
NUXT_PUBLIC_AUTH0_DOMAIN=https://yourdomain.eu.auth0.com
NUXT_PUBLIC_AUTH0_ORGANIZATION=org_YoUrOrG

Hope it helps!

[Jeet-Metapercept]

• version "@sidebase/nuxt-auth": "^0.6.0-beta.3"

hmm. without .env file, seems you still need to inject NEXTAUTH_URL

I was only able to get it working with Docker by adding the run time NEXTAUTH_URL env.

[zoey-kaiser]

Hi everyone! In Version 0.6.0 we switched from NEXTAUTH_URL and ORIGIN to baseURL defined in the Nuxt Config. This is due to use adding more cuastom providers and starting to move away from authjs.

Please refer to this comment on how to implement it https://github.com/sidebase/nuxt-auth/issues/361#issuecomment-1651646668.

0.6.0 is also close to being released, therefore we will not be doing any retrospective patching of lower versions.

[lspellman-opsguru]

Note for anyone experiencing issues with this. I was still having issues in 0.67 with various next-auth version dependencies tried. Specifically, runtime env variables are not available in some cloud provider deployments (like AWS Amplify).

Yesterday, 0.70 of @sidebase/nuxt-auth dropped and I gave it a try as is. Solved problem immediately. Note I do have ALL of the environment variables described above from my previous trials: AUTH_ORIGIN, NEXTAUTH_URL, baseURL. So I can't tell you exactly which of these is being used to make it work, but using Google provider, after SignIn, the redirect_uri is now correct and coming back to production/staging domains as defined by env variables.