a-d*_*awg 29 node.js jwt next.js next-auth
我使用此代码能够将凭证 next-auth 提供程序与 cognito 一起使用作为 oauth 服务:这允许电子邮件和密码身份验证。我正在运行 next-auth@4.2.1:
import CognitoProvider from "next-auth/providers/cognito";
import NextAuth from 'next-auth'
import CredentialsProvider from "next-auth/providers/credentials"
import * as cognito from '../../../lib/cognito'
import { Auth } from 'aws-amplify';
export default NextAuth({
providers: [
CredentialsProvider({
credentials: {
username: { label: "Username", type: "text", placeholder: "jsmith" },
password: { label: "Password", type: "password" }
},
async authorize(credentials, req) {
try {
const user = await Auth.signIn(credentials.username, credentials.password);
return user
} catch (error) {
console.log('error signing in', error);
}
}
})
],
debug: process.env.NODE_ENV === 'development' ? true : falsey
})
我经常收到这个错误:
https://next-auth.js.org/errors#jwt_session_error decryption operation failed {
message: 'decryption operation failed',
stack: 'JWEDecryptionFailed: decryption operation failed\n' +
' at gcmDecrypt (/home/aurel/Documents/repos/front/node_modules/jose/dist/node/cjs/runtime/decrypt.js:67:15)\n' +
' at decrypt (/home/aurel/Documents/repos/front/node_modules/jose/dist/node/cjs/runtime/decrypt.js:92:20)\n' +
' at flattenedDecrypt (/home/aurel/Documents/repos/front/node_modules/jose/dist/node/cjs/jwe/flattened/decrypt.js:119:52)\n' +
' at async compactDecrypt (/home/aurel/Documents/repos/front/node_modules/jose/dist/node/cjs/jwe/compact/decrypt.js:18:23)\n' +
' at async jwtDecrypt (/home/aurel/Documents/repos/front/node_modules/jose/dist/node/cjs/jwt/decrypt.js:8:23)\n' +
' at async Object.decode (/home/aurel/Documents/repos/front/node_modules/next-auth/jwt/index.js:64:7)\n' +
' at async Object.session (/home/aurel/Documents/repos/front/node_modules/next-auth/core/routes/session.js:41:28)\n' +
' at async NextAuthHandler (/home/aurel/Documents/repos/front/node_modules/next-auth/core/index.js:96:27)\n' +
' at async NextAuthNextHandler (/home/aurel/Documents/repos/front/node_modules/next-auth/next/index.js:21:19)\n' +
' at async /home/aurel/Documents/repos/front/node_modules/next-auth/next/index.js:57:32',
name: 'JWEDecryptionFailed'
}
在文档中找到https://next-auth.js.org/errors#jwt_session_error但并没有真正帮助
谢谢
a-d*_*awg 54
只需添加一个秘密即可使其发挥作用
export default NextAuth({
secret: process.env.AUTH_SECRET,
providers: [
...
]
})
Cha*_*pol 36
NextAuth需要NEXTAUTH_SECRET环境变量来加密 JWT 并散列电子邮件验证令牌。您可以将其放入.env文件中,例如
NEXTAUTH_SECRET=say_lalisa_love_me_lalisa_love_me_hey
请参阅NextAuth 参考
Sun*_*ota 11
NEXTAUTH_SECRET 用于加密 NextAuth.js JWT,并对电子邮件验证令牌进行哈希处理。这是 NextAuth 和中间件中秘密选项的默认值。
有关更多详细信息,请访问: https: //next-auth.js.org/configuration/options#secret
JWTKeySupport:密钥不支持HS512验证算法
有关更多详细信息,请访问: https: //next-auth.js.org/errors#jwt_session_error
使用以下步骤解决该问题。
第 1 步:使用以下命令生成随机密钥
openssl rand -base64 32
.env步骤2:您可以像这样在文件中添加NEXTAUTH_SECRET
NEXTAUTH_SECRET=YOUR_KEY_HERE,
next.config.js或者,像这样添加到文件中
NEXTAUTH_SECRET=YOUR_KEY_HERE,
步骤 3:添加一个秘密[...nextauth].ts
export const nextOption = {
secret: process.env.NEXTAUTH_SECRET as string,
...<rest of your code>
| 归档时间: |
|
| 查看次数: |
27481 次 |
| 最近记录: |