#github oauth stuck in redirect loop

Hello kind folks,

I am using github oauth and resend, like in the demo boilerplate project when initializing a convex app with NextJS, convex auth, github oauth, and hosting on Vercel.
In development, login works.
In production, login actually works, the database receives the correct user data from github, but the front end crashes.
Opening the network tab reveals a slew of 302 redirects, followed by 308 redirects.
I am using NextJS, hosting on Vercel, with a domain.

I've checked:

• The middleware js file
• The environment variables
• The github oauth app id and key
• For the homepage url I used my production domain, though it seems to work in dev either way.
• For the github, the callback url for convex, followed the set up documentation a few times step by step
• Maybe my convex server + client providers are wrong?

What did I miss?
Any ideas?

Have you seen https://labs.convex.dev/auth/production

Yes, I followed it step by step.
Initially I had copied the convex env variables from dev to prod and then updated them one by one, however, the db is getting the user details correctly populated, just the redirect on success is bugging out.
Here's my middleware file:

import { convexAuthNextjsMiddleware, createRouteMatcher } from "@convex-dev/auth/nextjs/server";

export default convexAuthNextjsMiddleware(async (request, { convexAuth }) => {
// No-op but export seems necessary.
});

export const config = {
  // The following matcher runs middleware on all routes
  // except static assets.
  matcher: ["/((?!.*\\..*|_next).*)", "/", "/(api|trpc)(.*)"],
};

the default code was never triggering the conditions anyway, and works in dev...

It's hard to guess what you missed. You could compare against https://github.com/get-convex/convex-auth/tree/main/test-nextjs

You might try deleting cookies+localstorage too, in case you previously set some bad state.. Tips in https://labs.convex.dev/auth/debugging can help.

Can anyone make an account, could you send me the url to try?

I was comparing to projects, it's confusing how the providers are set up, I now have 3 providers.
Definitely deleted cookies, happens in private browser too.
https://www.easyhacks.org , does the page come up for you at all?

page comes up for me if I use this url: https://easy-hacks-umber.vercel.app
but crashes when I login/sign up.

Yep I get these redirects too

was that after login?

Or right away?

Oddly, the page did load the first time I visitted it. After I tried logging in it started doing the redirecs even in a private browser.
The code is here https://github.com/disrae/easyHacks

The fact that it's worse for the production domain and not for the temporary vercel subdomains also confuses me.

I don't know if the providers could be the culprit, kappa ai said I was mising one so I added it, I now have 3... 🤔

"use client";

import { ConvexAuthNextjsProvider } from "@convex-dev/auth/nextjs";
import { ConvexReactClient } from "convex/react";
import { ReactNode } from "react";
import { ConvexProvider } from "convex/react";

const convex = new ConvexReactClient(process.env.NEXT_PUBLIC_CONVEX_URL!, {
  verbose: true,
});

export default function ConvexClientProvider({
  children,
}: {
  children: ReactNode;
}) {
  return (
    <ConvexAuthNextjsProvider client={convex}>
      <ConvexProvider client={convex}>
        {children}
      </ConvexProvider>
    </ConvexAuthNextjsProvider>
  );
}

It made no difference to the symptoms.

That was right away, didn't see any page

Do you know what' s sending that redirect?

I assumed it would be the middleware but not really, no, and oddly it doesn't do it until you try to login if you use the vercel subdomain

https://easy-hacks-umber.vercel.app/

It does the same thing with the email login magic link.

auth endpoint appears to work.

I see you in the database too, logging in from github.

With that url I get sent to GitHub, GitHub sends me to the Convex backend, and then the Convex backend 302s me to https://www.easyhacks.org/?code=03051637, and then the 308s to https://www.easyhacks.org/?code=03051637 begin

so you need to figure out where that 308 redirect is coming from

Could be a Cloudflare thing https://vercel.com/guides/resolve-err-too-many-redirects-when-using-cloudflare-proxy-with-vercel

ahhhhhh!

Could be a Next.js thing https://github.com/vercel/next.js/discussions/15432

Dunno, but it's up to something about your app, not Convex Auth I think

yeah looks like it

I would send you a tip despite being unemployed 😅 Highly appreciate your detective skills.

good luck!