Discuss NextAuth.js v5 #8487
Replies: 92 comments 200 replies
-
@balazsorban44 I got the latest version and i want to provide multi-authentication in my app(manuel one and Google provider). In middleware i use |
Beta Was this translation helpful? Give feedback.
-
@balazsorban44 is OAuth va OIDC supported on the edge runtime with v5? I've only seen credential provider and email-http provider mentioned so far. I've hit the following error when using
It looks like this has been raised before (1 2), but issues were closed without fixes. It seems logical as Have I misconfigured something or is this a known issue? Versions
|
Beta Was this translation helpful? Give feedback.
-
Just came across something - maybe - missing?! When we try to use the ExamplePath:
Did I miss something about this in the PR discussion? |
Beta Was this translation helpful? Give feedback.
-
What's the latest story with supporting lower level HTTP client options? There was a pretty length discussion #3944 about struggles folks have been running into with corporate proxies. It seemed to boil down to people having to maintain their own fork or patch the library to pass custom HTTP agents. Luckily my use case #8491 only requires a simple pass through of a https://authjs.dev/guides/corporate-proxies/corporate-proxy and the v5 migration guide should probably be updated at the very least. |
Beta Was this translation helpful? Give feedback.
-
Hi ! I face the same error as above : my package.json:
I try the override method but it doen't seem to work for me. |
Beta Was this translation helpful? Give feedback.
-
Hi! I'm quite new to Nextjs and with next-auth. I'm currently rewrite an app with Nextjs App router & i'm using Next-Auth v5. You always need to be authenticated to use the app. I'm facing two main issue with Next-auth at the moment : 1. Redirect to provider login screen instead of next-auth when user is not logged in Currently i created a 2. Logout should also log out from the provider For signout i use server actions : import { CSRF_experimental } from '@/auth'
export function SignOut(props: any) {
return (
<form action='/api/auth/signout' method='post'>
<button {...props} />
<CSRF_experimental />
</form>
)
} I think to use the |
Beta Was this translation helpful? Give feedback.
-
Been using NextAuth v5 for a while now and overall I'm super happy. However, I have one major issue with this new update, especially regarding the decision not to run the session callback. What is the recommended way to retrieve more user info in v5 now that the session callback isn't invoked on the server? Before it was trivial to return extra user / session fields from the adapter and have access to that in the session callback, but now it doesn't seem like that's the case. It doesn't matter what my adapter returns, since you cut half of it away anyways... I don't understand this decision since it seems to just make it harder to modify the default behaviors... Example usecase, I put an Can you shed some light on how to achieve this with this new update? Right now I'm patching next-auth to invoke this callback with all info, as the calls are on the server I don't have to care about leaking this to the client anyways... Auth core patch: diff --git a/lib/routes/session.js b/lib/routes/session.js
index e496d921578b735e640d1fc766582831dcbfdb1c..3ce6dcae1c2544fa4f439b551b5cecf3f561ad17 100644
--- a/lib/routes/session.js
+++ b/lib/routes/session.js
@@ -89,9 +89,8 @@ export async function session(params) {
// Pass Session through to the session callback
// @ts-expect-error
const sessionPayload = await callbacks.session({
- // By default, only exposes a limited subset of information to the client
- // as needed for presentation purposes (e.g. "you are logged in as...").
session: {
+ ...session,
user: { name: user.name, email: user.email, image: user.image },
expires: session.expires.toISOString(),
}, NextAuth patch: diff --git a/lib/index.js b/lib/index.js
index 5a75f390e1ed59db192587176cf6fabd229cdf84..d123a9aea1b4d861ae78a23951e1feecf831c57c 100644
--- a/lib/index.js
+++ b/lib/index.js
@@ -9,17 +9,7 @@ async function getSession(headers, config) {
headers: { cookie: headers.get("cookie") ?? "" },
});
config.useSecureCookies ?? (config.useSecureCookies = origin.protocol === "https:");
- return Auth(request, {
- ...config,
- callbacks: {
- ...config.callbacks,
- // Since we are server-side, we don't need to filter out the session data
- // See https://nextjs.authjs.dev/v5#authenticating-server-side
- session({ session, user, token }) {
- return { ...session, user: user ?? token };
- },
- },
- });
+ return Auth(request, config);
}
function isReqWrapper(arg) {
return typeof arg === "function"; |
Beta Was this translation helpful? Give feedback.
-
Hi, @balazsorban44, thanks for the v5! I ran into an issue when deploying it to Cloud Run (basically behind a proxy). The request origin is resolved to Now, I believe the issue isn't specific for v5. But it seems that there are options to bypass this in v4. Since v5 only exports the handlers and I haven't found a way to build a modified NextRequest myself, there probably isn't a workaround. What would you suggest as a fix? Should I create an issue/PR for v4? I'm happy to contribute, but would need some hints :) Edit: The patch below isn't needed. See the thread for a nicer fix! Here's a hacky patch that I'm currently applying and fixes the issue
|
Beta Was this translation helpful? Give feedback.
-
Did something change in the type-definition for the I'm looking to implement the HTTP-based Email provider following this doc but TypeScript is very unhappy that I do not provide the It also requires that It's not a huge deal as I can always do the following: {
id: "email",
type: "email",
name: "Email",
from: "",
server: "",
maxAge: 60 * 10,
options: {},
async sendVerificationRequest(...) { ... },
} But it feels kinda dirty 😅 |
Beta Was this translation helpful? Give feedback.
-
@balazsorban44 since solving the previous issue I've encountered another critical issue, possibly due to my set up but I cannot fathom what I'm doing wrong: Right now, the OAuth handshake is succeeding and the session is being passed to the frontend correctly ( The What's more, the I have done everything I can to ensure the versions of my packages are correct, including clearing my lock file. I currently only have
|
Beta Was this translation helpful? Give feedback.
-
Has anyone been able to successfully use v5 with a
|
Beta Was this translation helpful? Give feedback.
-
@balazsorban44 It seems that once cannot import anything into middleware that has |
Beta Was this translation helpful? Give feedback.
-
Code
Error Code
Error
|
Beta Was this translation helpful? Give feedback.
-
In order to implement a custom signin page, what is the new method to get the provider list? Before it was |
Beta Was this translation helpful? Give feedback.
-
Hi there, I'm currently working on a Next.js project where we've integrated Setup Overview
Encountered IssueDuring integration tests, specifically when testing tRPC procedures that utilize Error: Cannot find module '/path/to/project/node_modules/next/server' imported from /path/to/project/node_modules/next-auth/lib/env.js vbnet This error surfaces when executing a test that involves creating a tRPC context with a mocked session, specifically through the use of Test ExampleHere's a simplified version of the test that triggers the error: import { createInnerTRPCContext } from "./../server/api/trpc";
test("hello test", async () => {
const ctx = createInnerTRPCContext({
session: {
user: { id: "123", name: "John Doe" },
expires: "1",
},
});
// Further logic to call a tRPC procedure
}); And the related createInnerTRPCContext function involved: import { auth } from "@/app/api/auth/[...nextauth]/auth";
export const createTRPCContext = async (opts: { headers: Headers }) => {
const session = await auth();
return createInnerTRPCContext({ session });
}; Has anyone experienced a similar issue or could provide insights into how to navigate this problem? Thank you in advance for your help and insights! |
Beta Was this translation helpful? Give feedback.
-
Im currently working on updating the Eveonline Provider. While this is great supporting more JWT , Im currently trying to figure out how to use the JWT token. As i try to remove this line in the code I'm wondering if anyone would know the proper way to accomplish the Auth flow while removing the userInfo ? |
Beta Was this translation helpful? Give feedback.
-
I'm having an issue with an |
Beta Was this translation helpful? Give feedback.
-
Would anyone here happen to know if the optional |
Beta Was this translation helpful? Give feedback.
-
I am running a Nextjs (v14.1.4) app with NextAuth (5.0.0-beta.16), Google OAuth, JWT strategy and persisting to MongoDB using an adapter pattern. Everything works great in development but in production I cannot complete a call to signIn without the serverless function timing out. I even configured the regions to use the same as my MongoDb cluster. |
Beta Was this translation helpful? Give feedback.
-
I noticed the "old" atlassian provider has been removed, was this move intentional? as many applications i build are dependent on it i cant move to the v5 yet. i also filed a new provider request here #10604 |
Beta Was this translation helpful? Give feedback.
-
Hey guys, I'm having a problem with signIn with IdentityServer4 provider (tried to use Auth0 also, but the result its the same). The are my environment versions: When I click the button that runs signIn('MY_PROVIDER_ID'), its returning this error locally in my server: Here's my Auth.ts code: ` export const config = {
}, export const { handlers, auth, signIn, signOut } = NextAuth(config); What I tried:
Still |
Beta Was this translation helpful? Give feedback.
-
Can anyone help with getting the user first and last name from facebook provider, for v5? I used this in the past: Providers.Facebook({
clientId: process.env.FACEBOOK_CLIENT_ID,
clientSecret: process.env.FACEBOOK_CLIENT_SECRET,
profileUrl:
"https://graph.facebook.com/me?fields=id,name,email,picture,first_name,last_name"
profile: (_profile) => {
return {
id: _profile.id,
firstName: _profile.first_name,
lastName: _profile.last_name,
email: _profile.email,
image: _profile.picture.data.url,
};
},
}), But the profileUrl seems not available anymore. |
Beta Was this translation helpful? Give feedback.
-
I am experiencing issues with the Drizzle Adapter when using "In your seed.js file, you utilized a package called bcrypt to hash the user's password before storing it in the database. You will need to use it again later in this chapter to verify that the password entered by the user matches the one in the database. However, you will need to create a separate file for the bcrypt package. This is because bcrypt relies on Node.js APIs that are not available in Next.js Middleware." However, the guide does not proceed to separate Considering that many Next.js users also leverage edge functions, and Drizzle is currently a rising and popular alternative, coupled with the fact that most people require credentials authentication, I find it surprising that these functionalities are not working as expected. I spent a significant amount of time today unsuccessfully attempting to fix and investigate this issue. However, authentication implementation in 2024 should not consume this much time, especially considering that the purpose of the library, similar to Next.js, is to enhance developer experience (DX). |
Beta Was this translation helpful? Give feedback.
-
Hi folks, someone experimented an issue with next.js 14.1.4 and Keycloak?
and this redirect error from Keycloak:
KeycloakProvider({
id: 'keycloak',
clientId: process.env.KC_CLIENT_ID,
clientSecret: process.env.AUTH_SECRET,
issuer: process.env.KC_ISSUER_URL,
client: {
token_endpoint_auth_method: 'none',
}}) |
Beta Was this translation helpful? Give feedback.
-
Added a bug report (that was autoclosed, thanks to the rigid config) and pull request for the tiktok bug. See here: #10727 and #10728 |
Beta Was this translation helpful? Give feedback.
-
how can i pass the request to the auth function in nextauth v5 when i try to use the auth() in the pages /api directory it gives me this error |
Beta Was this translation helpful? Give feedback.
-
I'm a bit confused this apparently hasn't been discussed anywhere. The new |
Beta Was this translation helpful? Give feedback.
-
Is it possible to use the Would it make sense to make another instance of |
Beta Was this translation helpful? Give feedback.
-
This has been fixed by Vercel for quite some time now.
|
Beta Was this translation helpful? Give feedback.
-
Let's discuss #7443 here.
Keep the PR comments to discuss actual issues/concerns about the ongoing implementation. You can ask for help specific to your project here, or if you are not sure why something isn't working.
Beta Was this translation helpful? Give feedback.
All reactions