/ route does not go through middleware
Unanswered
Rough Collie posted this in #help-forum
Rough CollieOP
I am using nextauth withauth middleware, and my static pages don't go through the middleware.
I am deploying using sst.
The effect is that you don't need to be loggedIn to access protected pages.
Any ideas where to look at?
Am i missing something, and in fact you can't have static pages protected?
App Router Next 13.5.4
"next": "^13.5.4",
"next-auth": "^4.24.5",
"sst": "2.36.7",
This is my middleware.
I am deploying using sst.
The effect is that you don't need to be loggedIn to access protected pages.
Any ideas where to look at?
Am i missing something, and in fact you can't have static pages protected?
App Router Next 13.5.4
"next": "^13.5.4",
"next-auth": "^4.24.5",
"sst": "2.36.7",
This is my middleware.
import { withAuth } from 'next-auth/middleware'
/**
* The whole website is under auth
*/
export default withAuth({
callbacks: {
authorized({ req, token }) {
console.log('🚀 ~ file: middleware.ts:9 ~ authorized ~ token:', token)
// matcher array will be only requires the user to be logged in
return !!token
},
},
pages: {
signIn: '/auth/signin',
},
})
export const config = {
matcher: [
'/',
'/imprint',
'/privacy-policy',
'/terms-and-conditions',
'/about-us',
'/contact-us',
'/dashboard',
'/data-library',
'/data-library/:path*',
'/datasets/:path*',
'/documentation',
'/ethical-oath/:path*',
'/ethics',
'/features',
'/popular-datasets',
'/similar-datasets',
],
}
13 Replies
Alfonsus Ardani
what are your static pages?
Rough CollieOP
I don't understand the question.
I am using nextjs 13.5.4, app router
I get this from nextjs on build for them:
â—‹ (Static) automatically rendered as static HTML (uses no initial props)
I am using nextjs 13.5.4, app router
I get this from nextjs on build for them:
â—‹ (Static) automatically rendered as static HTML (uses no initial props)
Rough CollieOP
More information on my reproduction steps:
Fresh deploy, i go for the first time to my website.com
I am redirected to login
I log in. I logout. I remain on website.com/ page. I am NOT redirected
Refresh. Nothing happens
Fresh deploy, i go for the first time to my website.com
I am redirected to login
I log in. I logout. I remain on website.com/ page. I am NOT redirected
Refresh. Nothing happens
Alfonsus Ardani
have you tried console.logging insdie your default exports
export default middleware(){
console.log("Hello")
}
and see if your static pages get run through middleware
Rough CollieOP
'/' goes only the first time, on refresh it does not go through the middleware
same of other pages, if i click on <Link> they don't go through middleware, but if refresh they do ... :/
I am testing this change in my middleware, and until now it seems i get the desired effect, but destroys a cache layer:
I updated next, sst and nextauth to latest version
same of other pages, if i click on <Link> they don't go through middleware, but if refresh they do ... :/
I am testing this change in my middleware, and until now it seems i get the desired effect, but destroys a cache layer:
export default withAuth(
function middleware(req) {
const response = NextResponse.next()
response.headers.set('x-middleware-cache', 'no-cache')
response.headers.set('cache-control', 'no-cache, no-store, must-revalidate')
return response
})
I updated next, sst and nextauth to latest version
Ray
try add this to the buildComment in your NextjsSite construct
"npx open-next@latest build"
Five-striped Sparrow
Facing the same issue. I believe, when you load the site for the first time and user is not logged in, <Link > tries to prefetch the which would point to /login because middleware redirected to /login. It keeps serving the /login page even though user is authenticated. In my case, it works after 5 mins, may be because of some cache timeout setting. Did you manage to fix it? I've opened the issue here as well. https://stackoverflow.com/questions/77592464/nextjs-14-middleware-redirect-issue-user-keeps-getting-redirected-to-login-aft?noredirect=1#comment136791232_77592464
Devon Rex
Facing exactly same issue. Even after session.status is authenticated, my protected page "/dashboard" is not loading and redirected to login page again. But, when I enter /dashboard in address bar, then it loads... Need proper solution.
Ray
well, op use sst with open-next which had issue with middleware <= v2.3.1. are you using with sst too?
DirtyCajunRice | AppDir
1. upgrade next
2. upgrade next-auth to 5.
then let us know if you are still having issues.
2. upgrade next-auth to 5.
then let us know if you are still having issues.
Devon Rex
No.
You mean next-auth beta? I am working on a production and facing this issue. Is it safe to upgrade to beta releases?