[我使用Next.js(11.1.2(+NextAuth(4.0.0-beta.7(登录Strapi API,仅使用凭据提供商(JWT(。]
整个身份验证流是";工作";使用此[...nextauth].js:
import NextAuth from "next-auth"
import CredentialsProvider from 'next-auth/providers/credentials'
export default NextAuth({
providers: [
CredentialsProvider({
name: 'AppName',
credentials: {
email: {label: "Email", type: "text", placeholder: "daveglow@foomail.com"},
password: { label: "Password", type: "password" },
},
async authorize(credentials, req) {
const res = await fetch(process.env.CREDENTIALS_AUTH_URL, {
method: 'POST',
body: JSON.stringify(credentials),
headers: { "Content-Type": "application/json" }
})
const user = await res.json()
if (res.ok && user) {
return user
}
return null
}
})
],
session: {
strategy: "jwt",
maxAge: 30 * 24 * 60 * 60 // 30 days
},
pages: {
signIn: '/signin',
signOut: '/signin',
error: '/signin'
},
})
但在用户登录几秒钟后,终端显示此消息并放弃会话:
[next-auth][warn][NO_SECRET] https://next-auth.js.org/warnings#no_secret
[next-auth][error][JWT_SESSION_ERROR] https://next-auth.js.org/errors#jwt_session_error decryption operation failed {
message: 'decryption operation failed',
stack: 'JWEDecryptionFailed: decryption operation failedn'
所以,我试着添加:
secret: process.env.SECRET, //I've created using $ openssl rand -base64 32
然后我收到两条不同的信息
浏览器控制台:
[next-auth][error][CLIENT_FETCH_ERROR]
https://next-auth.js.org/errors#client_fetch_error
VS代码终端:
[next-auth][error][CALLBACK_CREDENTIALS_JWT_ERROR]
https://next-auth.js.org/errors#callback_credentials_jwt_error Signin in with credentials only supported if JWT strategy is enabled UnsupportedStrategy [UnsupportedStrategyError]: Signin in with credentials only supported if JWT strategy is enabled
我尝试了几种不同的选择,但一直很混乱。现在,我不知道该怎么办(你能帮我吗?
我已升级到4.0.1版本。修复了此问题。
这可能是下一个auth的beta 7版本中引入的一个bug,如中所述https://github.com/nextauthjs/next-auth/issues/3216
我不是专家。但我认为这是库NEXT auth 4.0.0 的当前问题
我可以使用";下一次授权":"3.25.0";。并遵循本教程