Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings
Discussion options

gaomigithub
Nov 11, 2025

My repo

Hello guys,

I am currently learning about Next course from offical site and doing Chapter#14 (Adding Authentication). Other features such as "login" and "signout" learned from C#14 work good.

When I am testing what I did by learning at Protecting your routes with Next.js Proxy

// auth.config.ts

import type { NextAuthConfig } from 'next-auth';
 
export const authConfig = {
  pages: {
    signIn: '/login',
  },
  callbacks: {
    authorized({ auth, request: { nextUrl } }) {
      const isLoggedIn = !!auth?.user;
      const isOnDashboard = nextUrl.pathname.startsWith('/dashboard');
      console.log('Is logged in:', isLoggedIn, 'Is on dashboard:', isOnDashboard)
      if (isOnDashboard) {
        if (isLoggedIn) return true;
        return false; // Redirect unauthenticated users to login page
      } else if (isLoggedIn) {
        return Response.redirect(new URL('/dashboard', nextUrl));
      }
      return true;
    },
  },
  providers: [], // Add providers with an empty array for now
} satisfies NextAuthConfig;

// proxy.ts

import NextAuth from 'next-auth';
import { authConfig } from './auth.config';
 
export default NextAuth(authConfig).auth;
 
export const config = {
  // https://nextjs.org/docs/app/api-reference/file-conventions/proxy#matcher
  matcher: ['/((?!api|_next/static|_next/image|.*\\.png$).*)'],
};

// package.json

{
  "private": true,
  "scripts": {
    "build": "next build",
    "dev": "next dev --turbopack",
    "start": "next start",
    "lint": "pnpm next lint"
  },
  "dependencies": {
    "@heroicons/react": "^2.2.0",
    "@tailwindcss/forms": "^0.5.10",
    "autoprefixer": "10.4.20",
    "bcrypt": "^5.1.1",
    "clsx": "^2.1.1",
    "next": "15.2.3",
    "next-auth": "5.0.0-beta.30",
    "postcss": "8.5.1",
    "postgres": "^3.4.6",
    "react": "latest",
    "react-dom": "latest",
    "tailwindcss": "3.4.17",
    "use-debounce": "^10.0.4",
    "zod": "^3.25.17"
  },
  "devDependencies": {
    "@next/eslint-plugin-next": "^16.0.1",
    "@types/bcrypt": "^5.0.2",
    "@types/node": "22.10.7",
    "@types/react": "19.0.7",
    "@types/react-dom": "19.0.3",
    "@typescript-eslint/eslint-plugin": "^8.46.3",
    "@typescript-eslint/parser": "^8.46.3",
    "eslint": "^9.39.1",
    "eslint-config-next": "^15.2.3",
    "typescript": "5.7.3"
  },
  "pnpm": {
    "onlyBuiltDependencies": [
      "bcrypt",
      "sharp"
    ]
  }
}

This feels like nothing happened. I still can direct to any URL and not being redirected to login page.

Tried some search on Google and AI but they all tell me I did correct and should be work.... Also, I can not find the log I left inside authorized. I am really confused right now.

I pushed my codes wrote in this Chapter with commit name: "Chapter 14: Adding Authentication; todo: something wrong with authConfig".

Please give me any hint you find.
Thank you soooo much!!!
You must be logged in to vote

Replies: 1 comment

Comment options

Exp1ry
Nov 14, 2025

@gaomigithub It seems like you've gotten the auth.config.ts mixed up with the Middleware.

The setup you showed is incorrect.

First of all, the callbacks object is a set of methods (authorize(), jwt(), session()) that are designed to act as a callback function for when the actual functions are invoked.

For example, you have page access logic inside the authorize() callback. This callback only runs once, and only when a user signs in. This means that if I refresh the site, of course it wont run as the user already has a cookie.

Furthermore, you will need to setup the actual authorize() function that handles the signIn() logic. ==>

All access / permission related logic should be put in the middleware.ts file, as it runs on every request.
You must be logged in to vote
0 replies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
🙏
Help
Labels
None yet
2 participants
@gaomigithub @Exp1ry
Morty Proxy This is a proxified and sanitized view of the page, visit original site.