Is it possible to catch next-auth server side errors? #10096
Unanswered
billy-the-ape
asked this question in
Help
Replies: 1 comment
-
I would like to know as well |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I have a large and very active website which uses next-auth for authentication
We notice a lot of errors spamming our logs - various issues where users may not have cookies enabled ('State cookie was missing'), or their system clock is off/they have let their JWT expire ('"exp" claim timestamp check failed'). The system works fine for users and I can't reproduce these issues so mostly just ignore it.
Anyway - we rarely seem to also see a lot of these errors just before one of our web server shards fails. We can't actually rule out that this could be a sort of attack vector for bad actors to try and harm our site's uptime (though I assume with next-auth being used so heavily across the web this wouldn't be a thing that would go un-fixed for this long...).
Is there any way to actually catch these errors and handle them better? Or if that's not the cause of the crash, just not fill our logs with crazy amounts of spam which obfuscates our ability to find the root cause of the crash? Ideally when this happens, we could at least tell the user 'cookies must be enabled' or 'check your system clock' for a better UX...
Really with about 60k DAU, even a small % of them encountering these errors creates a crazy amount of useless spam in our logs.
I've tried wrapping the
NextAuth(...)(req,res);
in a try/catch within our route handler but that doesn't seem to stop the madness.Any help is appreciated!
Beta Was this translation helpful? Give feedback.
All reactions