【问题标题】:next-auth JWEDecryptionFailednext-auth JWEDecryptionFailed
【发布时间】:2022-11-07 10:43:18
【问题描述】:

我使用此代码能够将凭据 next-auth 提供程序与 cognito 一起用作 oauth 服务:这允许电子邮件和密码验证。我正在运行 next-auth@4.2.1:

import CognitoProvider from "next-auth/providers/cognito";
import NextAuth from 'next-auth'
import CredentialsProvider from "next-auth/providers/credentials"
import * as cognito from '../../../lib/cognito'
import { Auth } from 'aws-amplify';

export default NextAuth({
    providers: [
        CredentialsProvider({
            credentials: {
              username: { label: "Username", type: "text", placeholder: "jsmith" },
              password: {  label: "Password", type: "password" }
            },
            async authorize(credentials, req) {
                try {
                    const user = await Auth.signIn(credentials.username, credentials.password);
                    return user
                } catch (error) {
                    console.log('error signing in', error);
                }
            }
          })
    ],
    debug: process.env.NODE_ENV === 'development' ? true : falsey

})

我经常收到这个错误:

https://next-auth.js.org/errors#jwt_session_error decryption operation failed {
  message: 'decryption operation failed',
  stack: 'JWEDecryptionFailed: decryption operation failed\n' +
    '    at gcmDecrypt (/home/aurel/Documents/repos/front/node_modules/jose/dist/node/cjs/runtime/decrypt.js:67:15)\n' +
    '    at decrypt (/home/aurel/Documents/repos/front/node_modules/jose/dist/node/cjs/runtime/decrypt.js:92:20)\n' +
    '    at flattenedDecrypt (/home/aurel/Documents/repos/front/node_modules/jose/dist/node/cjs/jwe/flattened/decrypt.js:119:52)\n' +
    '    at async compactDecrypt (/home/aurel/Documents/repos/front/node_modules/jose/dist/node/cjs/jwe/compact/decrypt.js:18:23)\n' +
    '    at async jwtDecrypt (/home/aurel/Documents/repos/front/node_modules/jose/dist/node/cjs/jwt/decrypt.js:8:23)\n' +
    '    at async Object.decode (/home/aurel/Documents/repos/front/node_modules/next-auth/jwt/index.js:64:7)\n' +
    '    at async Object.session (/home/aurel/Documents/repos/front/node_modules/next-auth/core/routes/session.js:41:28)\n' +
    '    at async NextAuthHandler (/home/aurel/Documents/repos/front/node_modules/next-auth/core/index.js:96:27)\n' +
    '    at async NextAuthNextHandler (/home/aurel/Documents/repos/front/node_modules/next-auth/next/index.js:21:19)\n' +
    '    at async /home/aurel/Documents/repos/front/node_modules/next-auth/next/index.js:57:32',
  name: 'JWEDecryptionFailed'
}

在文档中找到https://next-auth.js.org/errors#jwt_session_error 但并没有真正帮助

谢谢

【问题讨论】:

    标签: node.js next.js jwt next-auth


    【解决方案1】:

    只需添加一个秘密即可使其正常工作

    export default NextAuth({
        secret: process.env.AUTH_SECRET,
        providers: [
        ...
        ]
    })
    

    【讨论】:

      【解决方案2】:

      秘密a-dawg注释必须插入到 .env.local 文件中

      更多信息:https://nextjs.org/docs/basic-features/environment-variables

      【讨论】:

      • 欢迎来到 StackOverflow!您也应该将评论或示例复制到响应中。链接本身可能会改变,然后这个答案就变得不完整。此外,无论如何,您在链接中指向的内容并不明显。与独立答案相比,这更适合作为对答案的评论。
      【解决方案3】:

      下一个认证需要 NEXTAUTH_SECRET 环境变量来加密 NextAuth.js JWT,并散列电子邮件验证令牌。你可以把它放在.env 文件中,比如

      NEXTAUTH_SECRET=say_lalisa_lalisa_hey
      

      NextAuth reference

      【讨论】:

        猜你喜欢
        • 2021-11-26
        • 2021-08-17
        • 2021-10-10
        • 2021-05-23
        • 2022-06-17
        • 2022-12-25
        • 1970-01-01
        • 2022-12-09
        • 2021-12-04
        相关资源
        最近更新 更多