how to provide a secret to nextauth

Question

i am using nextauth v:4.7.0, i didnt have a client secret and local environment worked well, after deploying to vercel, i was forced to provide a secret, from the code below

export default NextAuth({
  session: {
    // jwt: true,
    strategy: "jwt"
  },
  providers: [..my credentials  ],
  secret: process.env.NEXTAUTH_SECRET,
  jwt: {
    secret: process.env.NEXTAUTH_SECRET,
    encryption: true
  }

});

but after doing this, i am getting this error both in production and development

  error: {
    message: 'invalid json response body at http://localhost:3000/auth/session reason: Unexpected token < in JSON at position 0',
    stack: 'FetchError: invalid json response body at http://localhost:3000/auth/session reason: Unexpected token < in JSON at position 0\n' +
      '    at D:\\projects\\deployed\\booking-portal\\node_modules\\next\\dist\\compiled\\node-fetch\\index.js:1:49606\n' +
      '    at processTicksAndRejections (node:internal/process/task_queues:96:5)',
    name: 'FetchError'
  },
  path: 'session',
  header: {
    host: 'localhost:3000',
    ```
i dont know what it means, please help

now, i was getting client-fetch error, both local and vercel, when i added NEXTAUTH_URL, local is working fine, but then vercel prints [CALLBACK_CREDENTIALS_JWT_ERROR] in its console, but prints client fetch error in chrome console — jeho Ntanda, Jun 30 '22 at 16:57

score 0 · Answer 1 · answered Jul 04 '22 at 14:49

I don't think that the way how you set is correct:

export default NextAuth({
  session: {
    strategy: "jwt",
  },
  providers: [
    CredentialsProvider({
       async authorize(credentials) {
      ... set credentials related to your database setup

      return Promise.resolve(user);

    }
    }),
  ],
  callbacks: {
    //   jwt callback is only called when token is created
    jwt: async ({ token, user }) => {
      // user is obj that we have received from authorize Promise.resolve(user)
      user && (token.user = user);
      // not this token has user property
      return Promise.resolve(token);
    },
    // user arg here is actully token that returned from jwt.
    session: async ({ session, token }) => {
      // session callback is called whenever a session for that particular user is checked
      //   console.log("user in ...next auth api", token);
      // we can add more properties here to the session obj
      session.user = token.user;
      // console.log("session", session);
      // since I get error, I return Promise.resolve(session)
      return Promise.resolve(session);
    },
  },
  secret: process.env.JWT_SECRET,
});

When you deployed your code to vercel, make sure adding env variables to the project configuration

how to provide a secret to nextauth

1 Answers1