You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently NextAuth is incompatible with AWS Lambda@Edge. This is because NextAuth is opinionated about how NEXTAUTH_URL needs to be set via environment variable but Lambda@Edge does not support environment variables to date.
I would like a workaround where we can set NEXTAUTH_URL via a secondary method where environment variables are not an option. I see two options:
Option 1: Setup NEXTAUTH_URL to fallback to NEXT_PUBLIC_NEXTAUTH_URL if the latter is set. This has the downside that it makes the value insecure, however this value is unlikely to be a problem if discovered in my use case.
Option 2: Setup url option in NextAuthOptions to set a default value which can be overwritten by the NEXTAUTH_URL environment variable. This is another insecure option, probably moreso than option 1, but would achieve the goal.
Other options: I'm eager to hear of other options or workarounds to this issue which would allow me to use NextAuth in our existing Lambda@Edge setup.
On the note of security, I would love to have the option of setting this, even if it's insecure, when the alternative is downgrading my infrastructure to use non-global Lambda. In my case the NEXTAUTH_URL just references the site my users are already on so being unable to set this with my current infrastructure setup due to security feels odd.
It uses Lambda@edge setup in the us-east-1 region and will throw errors when trying to add environment variables.
I've also got Lambda@Edge in use for a site forked from the above repository which is failing to pull the session with the error CLIENT_FETCH_ERROR: https://www.klofron.uk
enhancementNew feature or requesttriageUnseen or unconfirmed by a maintainer yet. Provide extra information in the meantime.
1 participant
Converted from issue
This discussion was converted from issue #8602 on January 25, 2024 03:59.
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Description 📓
Currently NextAuth is incompatible with AWS Lambda@Edge. This is because NextAuth is opinionated about how NEXTAUTH_URL needs to be set via environment variable but Lambda@Edge does not support environment variables to date.
I would like a workaround where we can set NEXTAUTH_URL via a secondary method where environment variables are not an option. I see two options:
Option 1: Setup NEXTAUTH_URL to fallback to NEXT_PUBLIC_NEXTAUTH_URL if the latter is set. This has the downside that it makes the value insecure, however this value is unlikely to be a problem if discovered in my use case.
Option 2: Setup url option in NextAuthOptions to set a default value which can be overwritten by the NEXTAUTH_URL environment variable. This is another insecure option, probably moreso than option 1, but would achieve the goal.
Other options: I'm eager to hear of other options or workarounds to this issue which would allow me to use NextAuth in our existing Lambda@Edge setup.
On the note of security, I would love to have the option of setting this, even if it's insecure, when the alternative is downgrading my infrastructure to use non-global Lambda. In my case the NEXTAUTH_URL just references the site my users are already on so being unable to set this with my current infrastructure setup due to security feels odd.
How to reproduce ☕️
I've got my terraform infrastructure as code here: https://github.com/GNorfolk/react-app/tree/main/next/tf
It uses Lambda@edge setup in the us-east-1 region and will throw errors when trying to add environment variables.
I've also got Lambda@Edge in use for a site forked from the above repository which is failing to pull the session with the error CLIENT_FETCH_ERROR: https://www.klofron.uk
Contributing 🙌🏽
No, I am afraid I cannot help regarding this
Beta Was this translation helpful? Give feedback.
All reactions