
Next-auth signin redirects to /signin?csrf=true

I have implemented next-auth as in the documentation. When I go to http://localhost:3001/api/auth/signin, I see this: [image]

After this, when I click sign in with Google or GitHub, my page refreshes and just gets redirected to http://localhost:3001/api/auth/signin?csrf=true. Nothing happens after that. It's the same page.

My [...nextauth.js] file:

    import NextAuth from "next-auth";
    import Providers from "next-auth/providers";

    export default NextAuth({
        providers: [
            Providers.Google({
                clientId: process.env.GOOGLE_CLIENT,
                clientSecret: process.env.GOOGLE_KEY,
            }),
            Providers.GitHub({
                clientId: process.env.GITHUB_CLIENT,
                clientSecret: process.env.GITHUB_SECRET,
            }),
        ],
    });

Any idea why it is not working?

I think it has something to do with my node-express server. The code for that is:

    const express = require("express");
    const app = express();
    const server = require("http").createServer(app);
    const next = require("next");
    const nextApp = next({ dev: true });
    const nextHandler = nextApp.getRequestHandler();

    /*******************ROUTES****************/
    const userRoutes = require("./server/routes/user");

    nextApp.prepare().then(() => {
        app.use("/node/user", userRoutes);
        app.all("*", (req, res) => nextHandler(req, res));
        server.listen(3001, err => {
            if (err) throw err;
            console.log("> ---------Server is ready on port 3001------------");
        });
    });

I had something similar, also using a custom express server. Looking in next-auth/dist/server/index.js, you end up hitting that redirect whenever csrfTokenVerified is false. In my case, the csrf token was being sent with the signin/[provider] request. I think that the client was sending the request body urlencoded, and this was not parsed by the express server, so it never made it as far as the next auth server endpoints. I fixed it using the node package bodyparser and adding this line to my express server setup:

    app.use(urlencoded({ extended: true }));

I didn't have this problem with next v9, but did with newer releases.
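
The failure mode described in the answer above, as an added example (not part of the original post and not next-auth's own code): a simplified double-submit CSRF check in which the form's csrfToken field must repeat the token held in a signed cookie. The secret, the cookie name, the helper names and the provider redirect path are assumptions made for the illustration.

```javascript
// Added illustration: simplified double-submit CSRF check. All names are
// hypothetical; this is not next-auth's source.
const { createHash, randomBytes, timingSafeEqual } = require("crypto");

const SECRET = "constructed-demo-secret"; // constructed value
const sign = (token) => createHash("sha256").update(token + SECRET).digest("hex");

// Cookie issued with the sign-in page: "<token>|<hash(token + secret)>"
function issueCsrfCookie() {
    const token = randomBytes(32).toString("hex");
    return `${token}|${sign(token)}`;
}

// What a urlencoded body parser does to the raw POST body
function parseUrlencoded(raw) {
    return Object.fromEntries(new URLSearchParams(raw));
}

function safeEqual(a, b) {
    const x = Buffer.from(String(a));
    const y = Buffer.from(String(b));
    return x.length === y.length && timingSafeEqual(x, y);
}

// Verified only when the cookie is intact AND the body field repeats its token
function csrfTokenVerified(req) {
    const [token, hash] = String(req.cookies.csrf || "").split("|");
    if (!token || !hash || !safeEqual(hash, sign(token))) return false;
    const submitted = req.body && req.body.csrfToken;
    return typeof submitted === "string" && safeEqual(submitted, token);
}

function handleSignin(req) {
    return csrfTokenVerified(req)
        ? { status: 302, location: "/oauth/authorize" } // hypothetical provider redirect
        : { status: 302, location: "/api/auth/signin?csrf=true" };
}

// Constructed requests: same cookie and raw body, with and without parsing
function demo() {
    const cookie = issueCsrfCookie();
    const raw = `csrfToken=${cookie.split("|")[0]}&callbackUrl=%2F`;
    const unparsed = { cookies: { csrf: cookie }, body: undefined };
    const parsed = { cookies: { csrf: cookie }, body: parseUrlencoded(raw) };
    const forged = { cookies: { csrf: cookie }, body: parseUrlencoded("csrfToken=guess") };
    return [unparsed, parsed, forged].map((r) => handleSignin(r).location);
}
console.log(demo());
```

With the body left unparsed, a legitimate request is indistinguishable from one that carries no token, so the check fails closed and the user is sent back to the sign-in page.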
