fix: ignore / for NEXTAUTH_URL path, infer NEXTAUTH_SECRET

[balazsorban44]

If you want basePath to be the root (eg /), you can set the basePath config option instead.

This fixes the issue where people unnecessarily have NEXTAUTH_URL=http://localhost:3000 or AUTH_URL=http://localhost:3000 set, which has not been needed for a very long time. But to keep things non-breaking, we will keep supporting this format.

At some point, we could add a warning when we don't detect a pathname on these values to nudge people to drop it, or change it to the correct http://localhost:3000/api/auth format instead.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

3 Ignored Deployments

Name	Status	Preview	Comments	Updated (UTC)
auth-docs	⬜️ Ignored (Inspect)			Feb 7, 2024 11:45pm
next-auth-docs	⬜️ Ignored (Inspect)			Feb 7, 2024 11:45pm
nextra-docs	⬜️ Ignored (Inspect)			Feb 7, 2024 11:45pm

[n2k3]

my .env.local was:

AUTH_URL="https://localhost:3300"

and I got the following error after updating to [email protected]:

[auth][error] UnknownAction: Cannot parse action at /api/auth/session .Read more at https://errors.authjs.dev#unknownaction
    at parseActionAndProviderId (C:\projects\nvvk\apps\frontend\user-portal-next\.next\server\edge\chunks\node_modules_@auth_core_4f1cf6._.js:842:49)
    at Module.toInternalRequest (C:\projects\nvvk\apps\frontend\user-portal-next\.next\server\edge\chunks\node_modules_@auth_core_4f1cf6._.js:784:40)
    at Module.Auth (C:\projects\nvvk\apps\frontend\user-portal-next\.next\server\edge\chunks\node_modules_@auth_core_4f1cf6._.js:4863:213)
    at httpHandler (C:\projects\nvvk\apps\frontend\user-portal-next\.next\server\edge\chunks\node_modules_468be3._.js:3402:199)
    at C:\projects\nvvk\apps\frontend\user-portal-next\.next\server\edge\chunks\node_modules_next_dist_esm_3f24f2._.js:7326:43
    at C:\projects\nvvk\apps\frontend\user-portal-next\.next\server\edge\chunks\node_modules_next_dist_esm_3f24f2._.js:2525:36
    at NoopContextManager.with (C:\projects\nvvk\apps\frontend\user-portal-next\.next\server\edge\chunks\node_modules_next_dist_compiled_b802ce._.js:1039:30)
    at ContextAPI.with (C:\projects\nvvk\apps\frontend\user-portal-next\.next\server\edge\chunks\node_modules_next_dist_compiled_b802ce._.js:709:58)
    at NoopTracer.startActiveSpan (C:\projects\nvvk\apps\frontend\user-portal-next\.next\server\edge\chunks\node_modules_next_dist_compiled_b802ce._.js:1632:34)
    at ProxyTracer.startActiveSpan (C:\projects\nvvk\apps\frontend\user-portal-next\.next\server\edge\chunks\node_modules_next_dist_compiled_b802ce._.js:1672:36)

Took me about 2 hours to figure out I had to change my .env.local value to make it work again:

AUTH_URL="https://localhost:3300/api/auth"

Did this change break my setup because I have a non-default port of 3300 and apparently I had my AUTH_URL value incorrectly configured? So maybe this change was a good thing 😄 I bet more people will be in the same situation.

---

Edit: It seems removing the AUTH_URL variable completely from my .env.local file, also works! So I guess it's correctly inferred as claimed 👍

[pippinmole]

Hi,

If you want people to stop using NEXTAUTH_URL in the new auth, please add a warning when it's set. Also, you should probably mention it's no longer required in your v5 Upgrade Guide.

Thanks

[furkankinyas]

If trailingSlash is true, the redirect problem persists."