useSession() status returning "authenticated" in dev but "unauthenticated" in prod
Answered
Cuvier’s Dwarf Caiman posted this in #help-forum
Cuvier’s Dwarf CaimanOP
Hi all, I have an app that works fine in local development, but authentication fails in production.
Server logs show a successful authentication logged from my
Prod environment variables are set correctly:
But note I'm deploying this as a serverless Google Cloud Run instance. The reason I mention is, the call to
nextauth is configured with Credentials provider very simply:
Server logs show a successful authentication logged from my
authorize function (see below), and browser tools show __Secure-next-auth.session-token being set, but the status from useSession() is unauthenticated and the session is null. Prod environment variables are set correctly:
NEXTAUTH_URLNEXTAUTH_SECRETBut note I'm deploying this as a serverless Google Cloud Run instance. The reason I mention is, the call to
/api/auth/session is a request to https://<garbled-junk>.a.run.app/api/auth/session rather than <NEXTAUTH_URL>/api/auth/session. Not sure if that's relevant.nextauth is configured with Credentials provider very simply:
/api/auth/[...nextauth].jsexport const authOptions = {
providers: [
CredentialsProvider({
name: "MyProvider",
credentials: {
username: { label: "Username", type: "text", placeholder: "username" },
password: { label: "Password", type: "password" }
},
async authorize(credentials, req) {
const userData = await myLoginFunc(credentials.username, credentials.password);
if (userData) {
const session = {
name: credentials.username
}
console.log('Login successful, returning id/username');
console.log(session);
return session;
} else {
return null;
}
}
})
],
session: {
strategy: 'jwt',
},
jwt: {
secret: process.env.JWT_SECRET,
},
debug: true
}
export default NextAuth(authOptions)Answered by Cuvier’s Dwarf Caiman
oof ok i found https://github.com/nextauthjs/next-auth/discussions/5301
I'm using firebase to deploy the cloud run function, so cookies are getting stripped...
looks like many folks end up migrating away from firebase as a "solution"...
I'm using firebase to deploy the cloud run function, so cookies are getting stripped...
looks like many folks end up migrating away from firebase as a "solution"...
2 Replies
Cuvier’s Dwarf CaimanOP
update:
I added a log to the
and this does log on local dev, but does NOT log anything on production deployment...
Again,
What would prevent my
I added a log to the
session callback: callbacks: {
async session({ session, token, user }) {
console.log('session callback');
console.log(session);
console.log(token);
console.log(user);
return session
}
}and this does log on local dev, but does NOT log anything on production deployment...
Again,
authorize seems to work fine, and logs correctly here: console.log('Login successful, returning id/username');What would prevent my
session callback from actually getting called in production?Cuvier’s Dwarf CaimanOP
oof ok i found https://github.com/nextauthjs/next-auth/discussions/5301
I'm using firebase to deploy the cloud run function, so cookies are getting stripped...
looks like many folks end up migrating away from firebase as a "solution"...
I'm using firebase to deploy the cloud run function, so cookies are getting stripped...
looks like many folks end up migrating away from firebase as a "solution"...
Answer