@auth0/nextjs-auth0: Successful login but no session (on vercel)

marcusabu · April 5, 2024, 8:10am

Hi all,

Version: @auth0/nextjs-auth0:3.5.0

The login functionality stopped working for my app running in vercel. Locally the login flow still works fine.

According to the logs, the callback method is successfully called but no session in started and no “appSession” cookie is set.

Since there is no error, I’m not sure how to diagnose this problem. Any input would be appreciated!

You can try out the login flow here: https://impressie-ai.nl/

Regards

marcelina.barycka · April 5, 2024, 1:20pm

Hi there @marcusabu !

By any chance, do you maybe miss the SessionStore in your config file residing in Vercel?

import { SessionStore } from './session/stateful-session';

Ref:

github.com

auth0/nextjs-auth0/blob/859f5c7c1db8daac632ae54875cea4af7b236177/src/auth0-session/config.ts#L224


      
           * String value for the cookie name used for the internal session.
           * This value must only include letters, numbers, and underscores.
           * Defaults to `appSession`.
           */
          name: string;
          
          /**
           * By default, the session is stateless and stored in an encrypted cookie. But if you want a stateful session
           * you can provide a store with `get`, `set` and `destroy` methods to store the session on the server side.
           */
          store?: SessionStore<any>;
          
          /**
           * A function for generating a session id when using a custom session store.
           *
           * **IMPORTANT** You must use a suitably unique value to prevent collisions.
           */
          genId?: <Req = any, SessionType extends { [key: string]: any } = { [key: string]: any }>(
            req: Req,
            session: SessionType
          ) => string | Promise<string>;

github.com

auth0/nextjs-auth0/blob/859f5c7c1db8daac632ae54875cea4af7b236177/src/auth0-session/config.ts#L6


      
          import type {
            AuthorizationParameters as OidcAuthorizationParameters,
            ClientAuthMethod
          } from './client/abstract-client';
          import type { Agent } from 'https';
          import { SessionStore } from './session/stateful-session';
          import { Auth0RequestCookies } from './http';
          
          /**
           * Configuration properties.
           */
          export interface Config {
            /**
             * The secret(s) used to derive an encryption key for the user identity in a session cookie and
             * to sign the transient cookies used by the login callback.
             * Use a single string key or array of keys for an encrypted session cookie.

marcusabu · April 5, 2024, 1:38pm

Hey Marcelina,

Thanks for getting back to me. Is this SessionStore required for NextJs? I’ve followed the quick start guide (Auth0 Next.js SDK Quickstarts: Login) which did work for me for a couple of weeks. But I don’t see a reference to this store in the guide, so not sure how to implement this.

If possible, could you provide an example?

Regards

marcelina.barycka · April 8, 2024, 12:43pm

Hi @marcusabu !

Initially, I assumed that making a session stateful was the direction to take. But after additional investigation, I believe the issue might be related to the Vercel’s caching feature.

Please review our Knowledge Solution article - Callback handler fail 400 Bad request with NextJS and let us know if you have any questions!

system · April 22, 2024, 12:43pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.