Next auth Error handling
Unanswered
Eared Trogon posted this in #help-forum
Eared TrogonOP
Hi,
I am building a project that uses nextauth5 next14 prisma and mongodb.
I came across a scenario where the user is logged in and the session is there but at that time the user gets deleted from the database.
Now I am using getUserById which returns the user data from the database using the user id from the session. But since the user is deleted the function returns null so I redirect to /auth/login but my middleware gets the session and throws me back to / and i get into a loop.
Help would be really appreciated. Thankyou.
I am building a project that uses nextauth5 next14 prisma and mongodb.
I came across a scenario where the user is logged in and the session is there but at that time the user gets deleted from the database.
Now I am using getUserById which returns the user data from the database using the user id from the session. But since the user is deleted the function returns null so I redirect to /auth/login but my middleware gets the session and throws me back to / and i get into a loop.
Help would be really appreciated. Thankyou.
16 Replies
Black Scoter
Hi
I ask you a question
which scenario did you use?
@Black Scoter which scenario did you use?
Eared TrogonOP
The user is logged in so the session is still there
Then the user gets deleted from the database
At this point how to handle a null user return as if i redirect to /auth/login the middleware throws back to the homepage
Then the user gets deleted from the database
At this point how to handle a null user return as if i redirect to /auth/login the middleware throws back to the homepage
Black Scoter
So you mean that when user log in, in the database user is deleted just time?
@Black Scoter So you mean that when user log in, in the database user is deleted just time?
Eared TrogonOP
Yes there can be a scenario like this
So when the user is logged in that means the session is still there but the user is not there in the database
Black Scoter
i want to see your login code
@Black Scoter i want to see your login code
Eared TrogonOP
import { User } from "@prisma/client";
import { redirect } from "next/navigation";
import { getUserById } from "@/actions/user";
import HorizontalWrapper from "@/components/horizontal-wrapper";
import ProfileHeader from "@/features/profile/components/profile-header";
import { getCurrentUser } from "@/lib/current-user";
export default async function Home() {
// Declare user variable
let user: User | null = null;
// Get current user
const currentUser = await getCurrentUser();
// If user is not found, redirect to login page
if (!currentUser || !currentUser.id) {
redirect("/auth/login");
}
// Get user by id
try {
user = await getUserById(currentUser.id);
if (!user) {
//WHAT TO DO HERE
}
} catch {
//WHAT TO DO HERE
}
// Return user profile
return (
<HorizontalWrapper>
<section className="flex flex-col gap-5">
<ProfileHeader user={user} />
</section>
</HorizontalWrapper>
);
}Black Scoter
i receive it
did you code the project following the course?
pls send me the code to store the login data in the database
@Black Scoter did you code the project following the course?
Eared TrogonOP
which course?
Black Scoter
well... I don't know exactly
it is my guessing
Eared TrogonOP
Understanding the Issue
User is logged in → A session is stored in cookies or JWT.
Admin deletes the user from the database → The user no longer exists in the database.
Session still exists → The user is technically "authenticated" but has no corresponding database entry.
Fetching user data returns null → The application tries to use the deleted user's ID but fails.
Redirection issue:
If you redirect to /auth/signin, the middleware sees an active session and redirects back to the root.
If using a server component, calling signOut() is not possible directly.
User is logged in → A session is stored in cookies or JWT.
Admin deletes the user from the database → The user no longer exists in the database.
Session still exists → The user is technically "authenticated" but has no corresponding database entry.
Fetching user data returns null → The application tries to use the deleted user's ID but fails.
Redirection issue:
If you redirect to /auth/signin, the middleware sees an active session and redirects back to the root.
If using a server component, calling signOut() is not possible directly.