Reputation: 11
I'm making an app that uses the T3 stack and want to have the Credentials provider from NextAuth on top of the other providers, but when I try to log a user in I only get this error in the console:

```
cookie next-auth.session-token has been rejected because it is already expired
```

And when I check the local storage there is no nextauth.session-token, but when I log in using GitHub I can see the cookie and everything works fine. My thought is that there is something I need to do when registering the user, but I could be wrong and I just need to configure NextAuth properly. My NextAuth options are:
```typescript
import { type NextAuthOptions } from 'next-auth'
import CredentialsProvider from 'next-auth/providers/credentials'
import DiscordProvider from 'next-auth/providers/discord'
import GitHubProvider from 'next-auth/providers/github'
import GoogleProvider from 'next-auth/providers/google'
import { PrismaAdapter } from '@next-auth/prisma-adapter'
// prisma, env and bcrypt come from the project's own modules (imports not shown in the post)

export const authOptions: NextAuthOptions = {
  // Include user.id on session
  callbacks: {
    session({ session, user }) {
      if (session.user) {
        session.user.id = user.id
      }
      return session
    },
  },
  // Configure one or more authentication providers
  adapter: PrismaAdapter(prisma),
  providers: [
    CredentialsProvider({
      id: 'app',
      credentials: {
        email: { label: 'Email', type: 'email' },
        password: { label: 'Password', type: 'password' },
      },
      authorize: async (credentials: { email: string; password: string }) => {
        const user = await prisma.user.findUnique({
          where: { email: credentials.email },
        })
        // Check that the user exists before reading user.password
        if (!user) {
          return null
        }
        const valid = await bcrypt.compare(credentials.password, user.password)
        if (!valid) {
          return null
        }
        return { ...user, email: user.email }
      },
    }),
    DiscordProvider({
      clientId: env.DISCORD_CLIENT_ID,
      clientSecret: env.DISCORD_CLIENT_SECRET,
    }),
    GitHubProvider({
      clientId: env.ID_GITHUB,
      clientSecret: env.SECRET_GITHUB,
    }),
    GoogleProvider({
      clientId: process.env.GOOGLE_ID,
      clientSecret: process.env.GOOGLE_SECRET,
      authorization: {
        params: {
          prompt: 'consent',
          access_type: 'offline',
          response_type: 'code',
        },
      },
    }),
  ],
}
```
I'm using Prisma to manage my DB and can see in Prisma Studio that there is a difference between the users that I've registered in my app and the ones that are from other providers. The ones that I want to use credentials for don't have any account linked to them and no session either, while the other users that are logging in with, say, GitHub have that.
If you want to see the full source code you can find the repo here: https://github.com/Retrokiller543/Blog-app-t3. You can also find a Vercel deployment of the app at https://blog-app-woad-one.vercel.app/ if you want to see the issue for yourself.
I've tried to find any information about how NextAuth makes the tokens and what it needs but haven't found anything clear.
Upvotes: 1
Views: 2960
Reputation: 31
According to the NextAuth Docs:
> Users authenticated in this manner are not persisted in the database, and consequently that the Credentials provider can only be used if JSON Web Tokens are enabled for sessions.
Read more at https://next-auth.js.org/providers/credentials
This means that you will have to switch your session strategy to "jwt" in your options. You can do this by navigating to your "pages/api/auth/[...nextauth].ts" file and adding this to your NextAuthOptions:
```typescript
session: {
  strategy: "jwt",
},
```
Read more at https://next-auth.js.org/configuration/options#session
Upvotes: 3
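Once `strategy: "jwt"` is set, the `session` callback receives the JWT payload (`token`) instead of a database `user`, so the `session.user.id = user.id` line from the question has to read the id from the token. The following is an added example, not code from the question, the answer or NextAuth itself; `makeAuthorize`, its injected `findUser` and `compare` functions and the local types are hypothetical stand-ins so the block runs without next-auth, Prisma or bcrypt, and the nullable `password` column is an assumption about the schema.

```typescript
// Added example. Local stand-in types; in the app these come from next-auth and Prisma.
// Assumption: `password` is nullable because OAuth-created users have no hash.
type DbUser = { id: string; email: string; name: string | null; password: string | null };
type SafeUser = { id: string; email: string; name: string | null };
type Token = { sub?: string; email?: string | null; id?: string };
type Session = { expires: string; user?: { id?: string; email?: string | null } };

// Build `authorize` from injected dependencies (assumption: in the app,
// findUser wraps prisma.user.findUnique and compare is bcrypt.compare).
function makeAuthorize(
  findUser: (email: string) => Promise<DbUser | null>,
  compare: (plain: string, hash: string) => Promise<boolean>,
) {
  return async (credentials?: { email?: string; password?: string }): Promise<SafeUser | null> => {
    if (!credentials?.email || !credentials.password) return null;
    const user = await findUser(credentials.email);
    // Reject unknown users and users without a password hash before comparing.
    if (!user || !user.password) return null;
    if (!(await compare(credentials.password, user.password))) return null;
    // Return only the fields the token needs, never the password hash.
    return { id: user.id, email: user.email, name: user.name };
  };
}

// With strategy "jwt", `user` is only present on the sign-in call,
// so the id is copied into the token once and carried from there.
function jwtCallback({ token, user }: { token: Token; user?: SafeUser }): Token {
  if (user) token.id = user.id;
  return token;
}

// With strategy "jwt", the session callback gets `token`, not a database `user`.
function sessionCallback({ session, token }: { session: Session; token: Token }): Session {
  if (session.user && token.id) session.user.id = token.id;
  return session;
}

// Fragment of NextAuthOptions these functions plug into.
const jwtSessionOptions = {
  session: { strategy: "jwt" as const },
  callbacks: { jwt: jwtCallback, session: sessionCallback },
};
```
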