Nextjs middleware post login redirect not working
• Framework: Next.js 14.2.21
• Auth Library: @kinde-oss/kinde-auth-nextjs v2.5.3
The middleware post login redirect fails (and I believe the token refresh fails too).
When signed in and opening a page which is protected by the middleware I see the logs:
authMiddleware: no access or id token, redirecting to login
⨯ TypeError: Invalid URL
at new URL (node:internal/url:816:29)
at eval (webpack-internal:///(rsc)/./node_modules/@kinde-oss/kinde-auth-nextjs/dist/server/index.js:23:55762)
at eval (webpack-internal:///(rsc)/./node_modules/@kinde-oss/kinde-auth-nextjs/dist/server/index.js:23:12358)
at Object.eval [as next] (webpack-internal:///(rsc)/./node_modules/@kinde-oss/kinde-auth-nextjs/dist/server/index.js:23:12463)
at s (webpack-internal:///(rsc)/./node_modules/@kinde-oss/kinde-auth-nextjs/dist/server/index.js:23:11181) {
code: 'ERR_INVALID_URL',
input: 'http://localhost:3001',
base: '/household'
}
And the URL shows: http://localhost:3001/api/auth/kinde_callback?code=.....
When not signed in and opening a page protected by middleware, it directs me to the Kinde login page, I sign in, then the redirect fails with the same issue as above.
I have also seen:
authMiddleware: access token expired, refreshing
authMiddleware: token refresh failed, redirecting to login
And then the same redirect error.
I think that means the postloginredirect is not working and the token refresh is failing with the same error.
Without middleware and manually checking for tokens and using the kinde login and register components, the login and postloginredirect work without issue.
Am I doing something wrong with the middleware or is this an issue on Kinde's side?
(Attached extra information as text file due to too long message warning)9 Replies
Hi, thanks for sharing! Could you please check the token page to see if hasura mapping is enabled?
It is not enabled. I assume it shouldn't be, I'm not using Hasura
Thanks for sharing! Just checking in as it was causing issues for specific users. Would it be possible to upgrade Next.js to the latest version?
I would rather avoid updating to nextjs 15 for now. I tried recently and a number of the packages that I use had issues. It makes more sense for me to wait until they have all caught up. Is what I described a known issue for you and nextjs 14?
Hi @swift, we’re aware of this issue and have merged a fix for it already. It will be available in the next release.
For an interim fix, you can provide the full absolute url as your redirect instead of a relative path.
Sorry for the inconvenience - hang in there, new release should be just around the corner 🙂
ok thanks. And where should that full URL go when using the middleware?
I already tried:
KINDE_SITE_URL=http://localhost:3001
KINDE_POST_LOGOUT_REDIRECT_URL=http://localhost:3001
KINDE_POST_LOGIN_REDIRECT_URL=http://localhost:3001
In the env file.
The docs show these options:
isReturnToCurrentPage - redirect the user back to the page they were trying to access
loginPage - define the path of the login page (where the users are redirected to when not authenticated)
publicPaths - define the public paths
isAuthorized - define the criteria for authorization
should I be doing something in the middleware function itself? Do you have a link or could you provide an example?
I've tried many different variations but always get the same result.
would anyone from kinde be able to provide an example of how you use middleware with nextjs 14? Or if middleware does not work, how you perform the token refresh without it?
😔Hi, sorry for the delayed response, and thanks for your patience! Here’s an example of a starter kit: https://github.com/kinde-starter-kits/kinde-nextjs-app-router-starter-kit. Could you give it a try and let me know if you have any questions?
Hi, yes I had tried this variation. I wanted to be sure it wasn't my problem but a bug in the kinde middleware. I made my own now as a work around now and will watch your releases and test the new versions in case you fix the middleware issue.
Thank you for testing this and for sharing your concerns. I appreciate your patience as we work on the next release. In the meantime, please let me know if you need any further assistance or encounter any other issues.