Next.js Discord

Discord Forum

User missing from JWT after post to /api/auth/callback/credentials

Unanswered
Scale parasitoid posted this in #help-forum
Open in Discord
Avatar
Scale parasitoidOP
I'm having some difficulty getting the user returned from NextAuth to be available in the session.

I have logging in the CredentialsProvider.authorize function immediately before returning that confirms it is returning the user object as expected. I also put logging in the jwt and session callbacks. When I log in to my app I see the authorize log show up with the full user object returned. Then I see a call to the jwt callback with the full user object included. Then I see a POST to /api/auth/callback/credentials (200) and then the page trying to compile/load. Then I see another call to the jwt callback with no user key at all this time (guessing to refresh it?), then a call to the session callback, with the default user object in the session, instead of the object returned from authorize:

{
  session: {
    user: {
      name: undefined,
      email: 'my@email.address',
      image: undefined
    },
    expires: '2025-02-16T20:09:39.974Z'
  },
  token: {
    email: 'my@email.address',
    sub: 'an-id',
    iat: 1737144576,
    exp: 1739736576,
    jti: 'an-id'
  }
}


I'm sure I'm missing something set up wise, but I'm not sure what. Here's the authOptions definition:
export const authOptions: NextAuthOptions = {
  pages: {
    signIn: "/login",
    error: "/login",
  },
  session: {
    strategy: "jwt",
  },
  jwt: { encode, decode },
  callbacks: {
    jwt(args) {
      console.log("===JWT===");
      console.log(args);
      return args.token;
    },
    session(args) {
      console.log("===SESSION===");
      console.log(args);
      return args.session;
    },
  },
  providers: [
    CredentialsProvider({
      name: "Credentials",
      credentials: {
        email: { label: "E-Mail", type: "text" },
        password: { label: "Password", type: "password" },
      },
      async authorize(credentials, req) {
        const user = { ... }

        if (user) {
          const retVal = { id: user.id, email: user.email, ... };
          console.log("===AUTHORIZE===");
          console.log(retVal);
          return Promise.resolve(retVal);
        } else {
          throw new Error("Invalid email or password");
        }
      },
    }),
  ],
};


Any suggestions?

0 Replies