Closed tschumwalleye closed 6 days ago
Thanks for reporting this, that's definitely unintentional. We'll look into this and get back to you!
@tschumwalleye I'd like to ask a few questions to make sure I understand the issue:
https://*.example.com
as a redirect URI in the dashboard?WORKOS_REDIRECT_URI
that you pass in? Is it the same URL?I feel like the issue is that you are unable to pass in the actual URL (one that would match the wildcard scheme) at runtime. Is that correct?
If so, I think we just need to add an option to the getSignInUrl
so it can be passed at runtime.
@benoitgrelard That is correct, being able to pass in the value at runtime would solve this problem.
The same goes for the signOut
call, adding an option for a url, an option for a path, or an option to disable the redirect so that it can be left to the developer to handle would solve this same issue.
I think signOut
is different though, the URL it redirects to is configured in the dashboard.
That is correct, this leaves me with the same issue of being unable to pass in an accurate URL for preview deployments. I can bypass using the signOut function by calling cookies().delete("wos-session")
myself, then redirecting. My concerns with this are:
getLogoutUrl
)@PaulAsjes I have exactly the same issue.
Have tried many workarounds:
.env
files with WORKOS_REDIRECT_URI="https://${VERCEL_URL}/my/redirect/path"
)But none of these work due to how Vercel/Next handles environment variables on the edge/middleware runtime.
I think what I'd like to see here is a solution that allows for all the config to be passed in at runtime to create an object, from which everything else can be imported (analogous to how NextAuth works), e.g.
export const { authkitMiddleware, signOut, getUser, ... } = AuthKit({
redirectUri: ...,
cookieSecret: ...,
clientId: ...,
clientSecret: ...,
});
You can do more complicated things, but I think it makes the library harder to understand and use.
For example, AWS Amplify has some exports directly from the package and some that you have to instantiate using a builder function like NextAuth--in both cases, though, the config is a separate concern, either Amplify.configure(config)
on the client or as an input to the builder function for server-side.
Fixed in v0.11.0.
I have branch URLs from Vercel preview deployments.
My
WORKOS_REDIRECT_URI
is configured as a wildcard in my dashboard following the guidelines here: WorkOS Docs.After migrating to authkit-nextjs, redirected users land on a url where the
*
is replaced with%2A
.https://*.example.com -> https://%2A.example.com
I would be able to pass in the URL at run-time if that was an option, which is how I handled this behavior before migrating. I would take advantage of the
VERCEL_URL
environment variable when calling thegetAuthorizationUrl
method.