使用以下 NextAuthConfig (某些区域已编辑),我无法获得回调。授权触发。官方文档 https://authjs.dev/reference/next-auth#authorized 中提到了它对中间件的某种依赖,尽管这对我来说似乎并不清楚。有什么想法吗?
const authOptions: NextAuthConfig = {
trustHost: true,
session: {
strategy: 'jwt',
},
providers: [
CredentialsProvider({
id: 'mycompany',
name: 'mycompany',
type: 'credentials',
authorize: authorize as any,
credentials: {
email: { label: 'Email', type: 'text', placeholder: '[email protected]' },
password: { label: 'Password', type: 'password' },
},
}) as any,
],
pages: {
signIn: '/auth/signin',
},
callbacks: {
async authorized({ auth, request: { nextUrl } }) {
throw new Error('this never happens')
},
redirect: ({ baseUrl, url }: any) => {
// snip (works)
},
async jwt({ token, ...params }: any) {
// snip (works)
},
async session({ session, ...params }: any) {
// snip (works)
},
}
}
export default authOptions
async function authorize(credentials?: { email?: string; password?: string }) {
// snip (works)
}
中间件.ts
import { getSubdomainFromHost } from '@mycompany/shared/helpers/url';
import { NextResponse, type NextFetchEvent, type NextRequest } from 'next/server';
import { getLogger } from './lib/getLogger';
const logger = getLogger()
// export const config = {
// matcher: [
// /*
// * Match all request paths except for the ones starting with:
// * - api (API routes)
// * - _next/static (static files)
// * - _next/image (image optimization files)
// * - favicon.ico (favicon file)
// */
// {
// source: '/((?!_next/static|_next/image|favicon.ico|icons|logo).*)',
// missing: [
// { type: 'header', key: 'next-router-prefetch' },
// { type: 'header', key: 'purpose', value: 'prefetch' },
// ],
// },
// ],
// }
export function middleware(request: NextRequest, _next: NextFetchEvent) {
const headers = new Headers(request.headers)
headers.set('x-forwarded', request.url)
headers.set('x-base-url', `${request.nextUrl.protocol}://${request.nextUrl.host}`)
// const nextUrl = request.nextUrl
const host = request.headers.get('host')
// const pathname = nextUrl.pathname
const subdomain = getSubdomainFromHost(host)
if(subdomain) {
headers.set('x-subdomain', subdomain)
}
logger.debug(`[Middleware] NextResponse.next: `, request.url)
return NextResponse.next({
request: {
headers,
},
})
}
npm 版本:
"next": "14.2.3",
"next-auth": "5.0.0-beta.17",
当您使用
callbacks.authorized
作为保护私有页面的中间件时,auth
会被执行,但这里不是这种情况。
export const middleware = auth((request: NextRequest) {
// `callbacks.authorized` will be called as part of the wrapper
// You have access to request.auth
const headers = new Headers(request.headers)
headers.set('x-forwarded', request.url)
// ...
})