`withAuth` only runs if the user is | Next.js | Page 1

hexed kernel Aug 21, 2023, 6:33 AM

#

dense cedarBOT Aug 21, 2023, 6:33 AM

#

Hi @hexed kernel. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:

hexed kernel Aug 21, 2023, 6:33 AM

#

Is there no way around that to have logic run when not authorized? and then if authorized I can run the logic again?

dense cedarBOT Aug 21, 2023, 6:33 AM

#

Sorry @hexed kernel, I seem to be having a bit of trouble. Don't worry though, I've pinged my supprt and they will try to fix me up! :technologist:

Perhaps try again in 15mins?

celest dagger Aug 21, 2023, 4:18 PM

#

hexed kernel Is there no way around that to have logic run when not authorized? and then if a...

Just use regular middleware 🤷‍♂️
You can write in there whatever you want

hexed kernel Aug 21, 2023, 6:13 PM

#

Not sure I understand? I think that is my question, how to have a regular middleware but at the same time a middleware for withAuth

celest dagger Aug 21, 2023, 10:15 PM

#

hexed kernel Not sure I understand? I think that is my question, how to have a regular middle...

Just add an export function middleware to your middleware file which will be your regular middleware

hexed kernel Aug 22, 2023, 5:24 AM

#

Oh damn I did not know that, thanks that's perfect ⭐

hexed kernel Aug 23, 2023, 5:40 AM

#

It seems like that does not work, when exporting a middleware + default export for withAuth it only takes into account the middleware export, small reroduction

export const middleware: NextMiddleware = async (request) => {
  const res = NextResponse.next();
  console.log(">>>>>>>>>> unauthorized middleware <<<<<<<<<<<<<<<<<<<")
  return res;
};

export default withAuth({
  callbacks: {
    authorized: ({ token }) => {
      console.log(">>>>>>>>>> authorized middleware <<<<<<<<<<<<<<<<<<<")
      return false;
    },
  },
});

The only log I receive is from middleware, when I comment it out, it logs the authorized callback

hexed kernel Aug 23, 2023, 5:55 AM

#

I ended up doing this via a hacky method 🤷‍♂️

export async function middleware(request: NextRequest, event: NextFetchEvent) {
  const res = NextResponse.next();

  console.log('// handle my unauthenticated middlware here');

  const isNotAuthenticated = await withAuth({
    callbacks: {
      authorized: ({ token }) => {
        if (!token) {
          return false;
        }

        if (!token?.idToken) {
          return false;
        }

        if (!verifyTokenSync(token.idToken as string)) {
          return false;
        }

        return true;
      },
    },
    // @ts-ignore
  })(request, event);

  if (isNotAuthenticated) {
    const authUrl = new URL(paths.auth.login, request.nextUrl.origin);
    return NextResponse.redirect(authUrl.toString());
  }

  return res;
}

#

I think the withAuth middleware should expose something simular to clerk beforeAuth and afterAuth https://clerk.com/docs/references/nextjs/auth-middleware

authMiddleware() | Next.js | Clerk

The authMiddleware() method allows you to protect your Next.js application using middleware.

#

#`withAuth` only runs if the user is