Next.js Discord

Discord Forum

/ route does not go through middleware

Unanswered
Rough Collie posted this in #help-forum
Open in Discord
Rough CollieOP
I am using nextauth withauth middleware, and my static pages don't go through the middleware.
I am deploying using sst.
The effect is that you don't need to be loggedIn to access protected pages.
Any ideas where to look at?
Am i missing something, and in fact you can't have static pages protected?

App Router Next 13.5.4
"next": "^13.5.4",
"next-auth": "^4.24.5",
"sst": "2.36.7",

This is my middleware.

import { withAuth } from 'next-auth/middleware'

/**
 * The whole website is under auth
 */
export default withAuth({
  callbacks: {
    authorized({ req, token }) {
      console.log('🚀 ~ file: middleware.ts:9 ~ authorized ~ token:', token)
      // matcher array will be only requires the user to be logged in
      return !!token
    },
  },
  pages: {
    signIn: '/auth/signin',
  },
})

export const config = {
  matcher: [
    '/',
    '/imprint',
    '/privacy-policy',
    '/terms-and-conditions',
    '/about-us',
    '/contact-us',
    '/dashboard',
    '/data-library',
    '/data-library/:path*',
    '/datasets/:path*',
    '/documentation',
    '/ethical-oath/:path*',
    '/ethics',
    '/features',
    '/popular-datasets',
    '/similar-datasets',
  ],
}

13 Replies

Rough CollieOP
I don't understand the question.
I am using nextjs 13.5.4, app router
I get this from nextjs on build for them:
â—‹ (Static) automatically rendered as static HTML (uses no initial props)
Rough CollieOP
More information on my reproduction steps:

Fresh deploy, i go for the first time to my website.com
I am redirected to login
I log in. I logout. I remain on website.com/ page. I am NOT redirected
Refresh. Nothing happens
have you tried console.logging insdie your default exports
export default middleware(){
  console.log("Hello")
}

and see if your static pages get run through middleware
Rough CollieOP
'/' goes only the first time, on refresh it does not go through the middleware
same of other pages, if i click on <Link> they don't go through middleware, but if refresh they do ... :/

I am testing this change in my middleware, and until now it seems i get the desired effect, but destroys a cache layer:
export default withAuth( function middleware(req) { const response = NextResponse.next() response.headers.set('x-middleware-cache', 'no-cache') response.headers.set('cache-control', 'no-cache, no-store, must-revalidate') return response })

I updated next, sst and nextauth to latest version
@Rough Collie I am using nextauth withauth middleware, and my static pages don't go through the middleware. I am deploying using sst. The effect is that you don't need to be loggedIn to access protected pages. Any ideas where to look at? Am i missing something, and in fact you can't have static pages protected? **App Router Next 13.5.4** "next": "^13.5.4", "next-auth": "^4.24.5", "sst": "2.36.7", This is my middleware. import { withAuth } from 'next-auth/middleware' /** * The whole website is under auth */ export default withAuth({ callbacks: { authorized({ req, token }) { console.log('🚀 ~ file: middleware.ts:9 ~ authorized ~ token:', token) // matcher array will be only requires the user to be logged in return !!token }, }, pages: { signIn: '/auth/signin', }, }) export const config = { matcher: [ '/', '/imprint', '/privacy-policy', '/terms-and-conditions', '/about-us', '/contact-us', '/dashboard', '/data-library', '/data-library/:path*', '/datasets/:path*', '/documentation', '/ethical-oath/:path*', '/ethics', '/features', '/popular-datasets', '/similar-datasets', ], }
Facing the same issue. I believe, when you load the site for the first time and user is not logged in, <Link > tries to prefetch the which would point to /login because middleware redirected to /login. It keeps serving the /login page even though user is authenticated. In my case, it works after 5 mins, may be because of some cache timeout setting. Did you manage to fix it? I've opened the issue here as well. https://stackoverflow.com/questions/77592464/nextjs-14-middleware-redirect-issue-user-keeps-getting-redirected-to-login-aft?noredirect=1#comment136791232_77592464
Devon Rex
Facing exactly same issue. Even after session.status is authenticated, my protected page "/dashboard" is not loading and redirected to login page again. But, when I enter /dashboard in address bar, then it loads... Need proper solution.
1. upgrade next
2. upgrade next-auth to 5.
then let us know if you are still having issues.
@DirtyCajunRice | AppDir 1. upgrade next 2. upgrade next-auth to 5. then let us know if you are still having issues.
Devon Rex
You mean next-auth beta? I am working on a production and facing this issue. Is it safe to upgrade to beta releases?