Validation POST Request Failure
Unanswered
Brown-crested Flycatcher posted this in #help-forum
Brown-crested FlycatcherOP
I am using Next.js 14.2.1 with the AppRouter. I am experiencing an incredibly strange error, where, no matter what I do, I am getting a 401 unauthorized response.
The point of the route is to take the firebase session cookie, post it to this route, and then use the Firebase Admin SDK to verify that it's still valid. Below is the code for the route handler:
Originally, I was making the request to this route in middleware, because the edge runtime doesn't support the Firebase SDK. To rule out that this was causing a problem, I moved the call to a server component. Here is that call:
I have attached a screenshot of the folder structure where the route handler is defined, but based on the docs, I don't see how I could be defining it incorrectly.
I have tried making a request to the route using Postman, still it returns a 401.
Please, if you have any advice or feedback on why this is occurring, I could use the help.
The point of the route is to take the firebase session cookie, post it to this route, and then use the Firebase Admin SDK to verify that it's still valid. Below is the code for the route handler:
export async function POST(request: Request, response: Response) {
const firebaseAuth: Auth = adminApp.auth();
try {
const payload: Payload = await request.json();
const sessionCookie: string = payload.sessionCookie;
if (!sessionCookie) {
return Response.json({}, { status: 401, statusText: "Unauthorized" });
}
try {
const idToken: DecodedIdToken = await firebaseAuth.verifySessionCookie(sessionCookie);
const nowInSeconds: number = Date.now() / 1000;
if (Object.entries(idToken).length > 0 && idToken.exp > nowInSeconds) {
return Response.json({}, { status: 200, statusText: "Authorized" });
}
return Response.json(
{},
{
status: 401,
statusText: "Unauthorized",
}
);
} catch (err: any) {
console.error(new Error(err));
return Response.json({ error: "Internal Server Error" }, { status: 500 });
}
} catch (err: any) {
return Response.json({}, { status: 500, statusText: "Internal Server Error" });
}
}Originally, I was making the request to this route in middleware, because the edge runtime doesn't support the Firebase SDK. To rule out that this was causing a problem, I moved the call to a server component. Here is that call:
try {
const validationResponse = await fetch("http://localhost:3000/api/validate", {
method: "POST",
headers: {
"Content-Type": "application/json",
"Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
},
body: JSON.stringify({ sessionCookie: session.value }),
});
console.log("validate: ", validationResponse.status);
} catch (err: any) {
console.error(new Error(err));
}I have attached a screenshot of the folder structure where the route handler is defined, but based on the docs, I don't see how I could be defining it incorrectly.
I have tried making a request to the route using Postman, still it returns a 401.
Please, if you have any advice or feedback on why this is occurring, I could use the help.
6 Replies
Is the sessionCookie reaching the server? I mean, if you log it, is it showing up?
Also, are you using any specific auth library, like next-auth?
Brown-crested FlycatcherOP
No, I'm not using next auth, if I log anything inside the handler it doesn't output, but if I log the session cookie from where I'm making the request, it's present and correct
American Crow
what are you saying, if you do
it must log and return, no?
export async function POST(request: Request, response: Response) {
console.log("handler executing)
return Response.json({}, { status: 200 })
})it must log and return, no?
Brown-crested FlycatcherOP
No, no console log
That's the thing I've been struggling with @American Crow