-
-
Notifications
You must be signed in to change notification settings - Fork 3.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(next): returns correct status for signing in with redirect: false
for route handler
#8775
fix(next): returns correct status for signing in with redirect: false
for route handler
#8775
Conversation
The latest updates on your projects. Learn more about Vercel for Git ↗︎
2 Ignored Deployments
|
🎉 Experimental release published 📦️ on npm! pnpm add next-auth@0.0.0-pr.8775.a98a849e yarn add next-auth@0.0.0-pr.8775.a98a849e npm i next-auth@0.0.0-pr.8775.a98a849e |
@balazsorban44 Really apologize for my tone in #7725 . I can't really begin to appreciate the work you have done for the community. Hundreds of thousands of developers are powering their apps with this awesome package. I never intended to disregard or disrespect you. Thank you so much for all the hard work you are putting into it. |
@umair-mirza probably wasn't intentional on your side, no worries. What I tried to clarify in #7725 (comment) is how this is a very widespread issue in OSS, sometimes it's hard to see the people on the other side. Appreciate your words! 🙏 |
☕️ Reasoning
When signing in with
next-auth/react
signIn()
function withredirect: false
, the status is not correctly set in the response. There are two cases that this bug will return 200 OK instead of the expected status:authorize
function returns false or throws an error. Expected status: 401signIn
callback returns false. Expected status: 403Basically, the bug appears every time we return
status
andredirect
at the same time for onereturn
statement inpackages/next-auth/src/core/routes/callback.ts
.Note that this bug only affects Route Handler. For API Route, we calls
res: NextApiResponse
instead of returning a newResponse
object.🧢 Checklist
🎫 Affected issues
Please scout and link issues that might be solved by this PR.
Fixes: #7638, fixes #7725, fixes #8340
📌 Resources