feat: rename session strategy #3144
Conversation
|
still get CALLBACK_CREDENTIALS_JWT_ERROR , session: {
strategy: 'jwt',
}, |
|
Same as above, unable to get a csrf token: [next-auth][error][CALLBACK_CREDENTIALS_JWT_ERROR] |
|
Having the exact same problem as the two people above me. Tried both the old and new strategy way and always receiving the |
|
Addressed already. #3216 reported this, the fix has landed, release coming 🔜. Use the version here ttps://github.com//pull/3217#issuecomment-970646869 or |
|
I'm having the same issue with next-auth v4. even after setting |
|
Is there a way to use next-auth for using jwt tokens in session storage but not using it nor including a provider for user login authentication? |
BREAKING CHANGE: The `session.jwt: boolean` option has been renamed to `session.strategy: "jwt" | "database"`. The goal is to make the user's options more intuitive: 1. No adapter, `strategy: "jwt"`: This is the default. The session is saved in a cookie and never persisted anywhere. 2. With Adapter, `strategy: "database"`: If an Adapter is defined, this will be the implicit setting. No user config is needed. 3. With Adapter, `strategy: "jwt"`: The user can explicitly instruct `next-auth` to use JWT even if a database is available. This can result in faster lookups in compromise of lowered security. Read more about: https://next-auth.js.org/faq#json-web-tokens Example: ```diff session: { - jwt: true, + strategy: "jwt", } ```
This PR makes it hopefully more clear how the user can use the different session strategies.
strategy: "jwt": This is the default. The session is saved in a cookie and never persisted anywhere.strategy: "database": If an Adapter is defined, this will be the implicit setting. No user config is needed.strategy: "jwt": The user can explicitly instructnext-authto use JWT even if a database is available. This can result in faster lookups in compromise of lowered security. Read more about: https://next-auth.js.org/faq#json-web-tokensDocs: nextauthjs/docs#105