N
Nuxt2w ago
amazonaffected

Nuxt-auth causing 500 Server Error due to invalid url passed to `new URL`.

What is the callbackUrl property of a SessionRequired error in nuxt-auth supposed to hold? See here: https://github.com/sidebase/nuxt-auth/blob/734953f89bd19192540452d9e0fbb225d01b28c3/src/runtime/middleware/auth.ts#L99 
  if (authConfig.provider.type === 'authjs') {
    const signInOptions: Parameters<typeof signIn>[1] = { error: 'SessionRequired', callbackUrl: determineCallbackUrl(authConfig, () => to.fullPath) }
    // eslint-disable-next-line ts/ban-ts-comment
    // @ts-ignore This is valid for a backend-type of `authjs`, where sign-in accepts a provider as a first argument
    return signIn(undefined, signInOptions) as ReturnType<typeof navigateToAuthPages>
  }
  if (authConfig.provider.type === 'authjs') {
    const signInOptions: Parameters<typeof signIn>[1] = { error: 'SessionRequired', callbackUrl: determineCallbackUrl(authConfig, () => to.fullPath) }
    // eslint-disable-next-line ts/ban-ts-comment
    // @ts-ignore This is valid for a backend-type of `authjs`, where sign-in accepts a provider as a first argument
    return signIn(undefined, signInOptions) as ReturnType<typeof navigateToAuthPages>
  }
I'm asking because this causing me 500 errors, because the final URL is invalid when passed to new URL. Basically, when I visit http://localhost:3000/welcome and /welcome is protected. The value of callbackUrl is determiend to be "/welcome" (which is the exact same value as to.fullPath, actually it is taken from it). So, I tried to manually set it to include the hostname and proto (e.g. "http://localhost:3000/welcome") but then it causes an infinite redirect to the same page. I've already tried setting up the correct env variables and baseURL but to no avail. The server always throws a 500 Error due to invalid value passed to new URL, but then somehow the client doesn't have this error and redirect to the auth page. More context: * using authjs * using Keycloak provider (only provider). * Already added NUXT_AUTH_ORIGIN=http://localhost:3000 * Already tried with and without baseURL
GitHub
nuxt-auth/src/runtime/middleware/auth.ts at 734953f89bd19192540452d...
Authentication built for Nuxt 3! Easily add authentication via OAuth providers, credentials or Email Magic URLs! - sidebase/nuxt-auth
5 Replies
amazonaffected
amazonaffected7d ago
Alright, there's something nasty going on. But I don't have the experience to figure it out. In this screenshot, those lines weren't available in the version I had. (I think I had h3 v.1.12.0) And I suspect there are other code blocks that my installed version of h3 that contributed to the nuxt-auth issue I was having. I only knew about this when I installed a fresh nuxt, and sidebase-auth app which worked flawlessly. I then checked all versions in package.json and they matched the versions I had in my real nuxt project. Anyways, I tried multiple times to make npm use the 1.13 version of h3 instead of 1.12, and it wouldn't until I removed both package-lock.json and node_modules/. It's really weird for me that an updated version of a nested dependency won't update in existing project when the next npm i command is run and for fresh installs the new version is always used.
No description
Cue
Cue7d ago
Usually npx nuxi upgrade -f is more than sufficient (and the recommended method) to run the upgrade procedure. h3 won’t upgrade in an existing install from, e.g. 1.12 to 1.13, using npm install nuxt or npm update nuxt simply because npm doesn’t update non-root dependencies that are within a valid semver version range specified by the dependent package. Hence the recommended way to update Nuxt dependencies is to run the aforementioned command.
amazonaffected
amazonaffected7d ago
Thanks a lot for clarifying how this works. Is my understanding correct that npx nuxi upgrade -f will still upgrade non-root dependencies even if I'm already running latest Nuxt version? Because that was my case (I created the project around 2 weeks ago), because this isn't mentioned in the documentation. Regardless, I'd still give it a shot next time I encounter a similar issue.
Cue
Cue7d ago
Yes, because the -f or —force flag will do exactly what you’ve done; nukes the lock file and node_modules folder.
amazonaffected
amazonaffected7d ago
Perfect!
Want results from more Discord servers?
Add your server