Open apuatcfbd opened 8 months ago
Hi, thanks for your report! 🙏 I checked this out and realized that this bug is only related to the app directory, not the pages. I'm going to work on fixing this. 👍
Hey @erfanGharib can you give us some hint why this is happening? Or what is the ETA for this bug? Seriously we need to make sure middleware is executed every time. This is nonsense that middleware execution is not consistent
Following up. This is a critical bug, when can we expect a fix? We use middleware to protect routes (Next 13.5.4). We have consistently seen a situation where after logout the user can return to their "protected" account page via a link because the middleware isn't executed (verified by logging all calls to middleware).
I am also facing the issue that on dev the middleware is called on each route specified in the matcher:[], it is all ok in dev but after creating a build of my next js 13.5 project the middle is not called on the path "/", except "/" middleware is called on every route in the build. Can anyone please guide me why there is a difference in calling middleware in dev and after creating the build?
According to the docs https://nextjs.org/docs/app/api-reference/functions/use-router; router.push
is solely client side and therefore won't execute server-side request (Which includes the middleware);
Unless I'm mistaken?
Hello everyone! I was wondering if we have some updates on this bug??
@Benjythebee But then here, if you see the video attached on the top, sometimes you see the 'Middleware ran' console message even the navigation happened from router.push
. It sounds valid that middleware only triggered for server-side request, then router.push triggers server-side request...?
We encountered this middleware bug in Next.js v14.2.4. The issue is that the middleware doesn't always execute as expected. Specifically, we've noticed that it works on the first visit to a specific path, but not on subsequent visits during the same session. As the original author pointed out, temporary solutions like waiting for approximately 15 seconds or forcing a browser refresh can be used.
My specific use case involves checking if the user has verified their email address before allowing them to access a certain route (e.g., /app). Additionally, we need to check if the user is an administrator before allowing them to access another route (e.g., /admin). While we could manually implement these checks on each page, using middleware provides a simpler solution.
Link to the code that reproduces this issue
https://github.com/apuatcfbd/nextjs13-middleware-issue
To Reproduce
When using
router.push
middleware sometimes doesn't gets executed. The issue can be produced in the provided repo. There i'm intentionally usingrouter.push
instead ofLink
. The issue can be seen on my screencast too. https://drive.google.com/file/d/19-UsJ18vxEoAK5b8X-bm0KEZpcZqrRmU/view?usp=sharingIn there if you look at the terminal, first time the middleware was executed, then thats not executing, after I waited around 15-25 seconds, that started executing again everytime I visit the
secure
path which is under protection of the middleware. Is here i'm doing something wrong?Current vs. Expected behavior
Current Behavior Middleware is not executing everytime route gets changed. Strangely it starts work normal after few seconds!
Expected Behavior Middleware should gets executed everytime route gets changed,
Verify canary release
Provide environment information
Which area(s) are affected? (Select all that apply)
Middleware / Edge (API routes, runtime)
Additional context
No response