getSession unable to authenticate user in NextJS server-side

keegan.r.s21 · November 22, 2023, 2:25am

I’m trying to protect a data request that’s made in the api. My basic setup is this:

In src/app/myroute/[id]/page.tsx:

import { getSession } from "@auth0/nextjs-auth0/edge";

export default async function page(props: Props) {
    const session = await getSession();
    const { id } = props.params;
    const url = `${process.env.BASE_URL}/api/myroute/${id}`;
    const req = new NextRequest(url);
    const res = await fetch(req);

Which sends a request to src/app/api/myroute/[id]/route.ts:

import { getSession } from "@auth0/nextjs-auth0/edge";

export async function GET(req: NextRequest, props: Props): Promise<Response> {
    const res = NextResponse.next();
    const session = await getSession(req, res);

    if (!session) {
        return new Response("Not logged in", { status: 401 });
    }

My issue is that getSession() always returns undefined regardless of the user’s authentication status on the front end.

I have tried everything that I can think of and scoured the forums but can’t see anything that suggests this should be an issue. I’ve also tried manually adding the accessToken cookie to the request object:

const req = new NextRequest(url, { headers: { cookie: session.accessToken as string } });

Any help is much appreciated!

SaqibHussain · November 29, 2023, 8:48pm

Hi @keegan.r.s21

Welcome to the Auth0 Community.

I would suggest you check the Github repo examples like this one just an an example of protecting an API route https://github.com/auth0/nextjs-auth0/blob/main/EXAMPLES.md#protect-an-api-route as this may help you to spot what’s missing.

If you’re still having trouble you could post an issue here to get feedback directly from the SDK maintainers https://github.com/auth0/nextjs-auth0/issues

Warm regards.

keegan.r.s21 · December 6, 2023, 3:33am

Thanks for getting back to me @SaqibHussain.

This solved the issue! I’m not sure why my implementation didn’t work though… It seems that making a request with the function wrapped in withPageAuthRequired() makes it work.

system · December 20, 2023, 3:34am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
The API calls using nextjs-auth0 are always showing as unauthenticated Help apis , application	4	1126	April 8, 2024
NextJS getSession() is returning null Help auth0 , session , nextjs	4	7651	April 5, 2023
Next.js using getSession or getAccessToken resulting in user authentication being lost Help sessions , authentication-sessions	0	57	July 18, 2024
No Active Session or not authenticated [NextJS + App Router] Help sessions , authentication-sessions	0	80	July 25, 2024
NextJS JWT and Session Protected API Route Help sessions , authentication-sessions	0	677	October 18, 2023

getSession unable to authenticate user in NextJS server-side

Related Topics