next-auth icon indicating copy to clipboard operation
next-auth copied to clipboard

Published 20 hours ago verified publisher icon nextauthjs

DynamoDB Adapter can create but cannot retrieve sessions from database when using useSession() and strategy:"database"

Open avi312singh opened this issue 9 months ago • 1 comments

Adapter type

@auth/dynamodb-adapter

Environment

  System:
    OS: macOS 14.4.1
    CPU: (10) arm64 Apple M2 Pro
    Memory: 86.53 MB / 32.00 GB
    Shell: 5.9 - /bin/zsh
  Binaries:
    Node: 21.5.0 - ~/.nvm/versions/node/v21.5.0/bin/node
    npm: 10.2.4 - ~/.nvm/versions/node/v21.5.0/bin/npm
  Browsers:
    Chrome: 124.0.6367.201
    Safari: 17.4.1
  npmPackages:
    next: ^13.5.6 => 13.5.6 
    next-auth: ^4.24.5 => 4.24.7 
    react: 18.2.0 => 18.2.0 
    next-auth/dynamodb-adapter: 3.0.2 => 3.0.2

Reproduction URL

https://github.com/NHSDigital/Galleri-Frontend/blob/spike/next-authv4/src/app/api/auth/%5B...nextauth%5D/route.ts

Describe the issue

This code succesfully generates session in our dynamoDb table which we have specified using a custom name when a user authenticates with either of our two providers, as seen in screenshot below:

image

The screenshot shows the newly created session within dynamoDb after the user attempts to authenticate next-auth routes them back to the signin page, as the session cannot be retrieved.

However when attempting to retrieve the session before landing on the authenticated protected page, the useSession() hook retrieves null for the session.

Loading status: image

Resolved status: image

The authentication was fully working before this relatively small PR, ignore the fact that no credentials are provided as we are using roles within IAM so that the frontend has access to the table within dynamoDb. As sessions are being succesfully created in the table specified, the roles have been setup correctly.

How to reproduce

  • Migrate from JWT to database strategy
  • Use client side useSession() hook to retrieve session and check if user is authenticated before rendering protected page
  • Authentication will break and next-auth will redirect to sign in page

Expected behavior

  • Migrate from JWT to database strategy
  • Use client side useSession() hook to retrieve session and check if user is authenticated before rendering protected page
  • Authentication will continue to work after migration from JWT and next-auth will redirect to a protected page

avi312singh avatar May 13 '24 13:05 avi312singh