MissingCRSF
Unanswered
Spotted Redshank posted this in #help-forum
Spotted RedshankOP
Hi, trying to add NextAuth support to a dynamic subdomain website. Currently I'm trying to get it to work so
http://851129766299041802.localhost:3020/api/auth/signin works but it redirects back to http://localhost:3020/api/auth/signin?error=MissingCSRF
I'm using NextAuth "next-auth": "^5.0.0-beta.25"
Route.ts
http://851129766299041802.localhost:3020/api/auth/signin works but it redirects back to http://localhost:3020/api/auth/signin?error=MissingCSRF
I'm using NextAuth "next-auth": "^5.0.0-beta.25"
Route.ts
// src\app\api\auth\[...nextauth]\route.ts
import { handlers } from "@/auth";
export const { GET, POST } = handlers;
import { handlers } from "@/auth";
export const { GET, POST } = handlers;// src\auth.config.ts
// auth.config.ts
import { NextAuthConfig } from "next-auth";
import Discord from "next-auth/providers/discord";
export const authConfig: NextAuthConfig = {
callbacks: {
async authorized({
auth,
request: { nextUrl },
}: {
auth: any;
request: { nextUrl: URL };
}) {
const isLoggedIn = !!auth?.user;
const isOnProtected =
!nextUrl.pathname.startsWith("/login") &&
!nextUrl.pathname.startsWith("/api/auth");
if (isOnProtected) {
if (isLoggedIn) return true;
return false;
} else if (isLoggedIn) {
return true;
}
return true;
},
},
providers: [
Discord({
clientId: process.env.DISCORD_CLIENT_ID,
clientSecret: process.env.DISCORD_CLIENT_SECRET,
}),
],
};
export default authConfig;// src\auth.ts
import { AuthConfig, NextAuth, Lib } from "@/.";
import { headers } from "next/headers";
export const { auth, handlers, signIn, signOut } = NextAuth(async () => {
const reqHeaders = headers();
const settings = await Lib.settings.getSettingsByDomain(
reqHeaders.get("host") as string
);
if (AuthConfig?.providers[0]?.options) {
AuthConfig.providers[0].options.clientId = settings?.["auth-client-id"];
}
if (AuthConfig?.providers[0]?.options) {
AuthConfig.providers[0].options.clientSecret =
settings?.["auth-client-secret"];
}
return AuthConfig;
});// src\middleware.ts
import NextAuth from "next-auth";
import { authConfig } from "./auth.config";
export default NextAuth(authConfig).auth;
export const config = {
matcher: ["/servers(.*)", "/dashboard(.*)"],
};1 Reply
Spotted RedshankOP
Seems like when i set NEXTAUTH_URL it works but I need it to be dynamic