
Commit db11f96

Copilottlaukkanen
andauthored
Fix login 403 error by improving auth handling and adding debug logging (#2)
* Initial plan * Fix login 403 error by properly parsing comma-separated ALLOWED_USERS list Co-authored-by: tlaukkanen <[email protected]> * Update next-auth to 4.24.13 and add debug logging for better troubleshooting Co-authored-by: tlaukkanen <[email protected]> --------- Co-authored-by: copilot-swe-agent[bot] <[email protected]> Co-authored-by: tlaukkanen <[email protected]>
1 parent f06f60b commit db11f96


3 files changed

+40
-31
lines changed


package-lock.json

Lines changed: 9 additions & 27 deletions

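--- a/package.json
+++ b/package.json
@@ -26,7 +26,7 @@
 "lodash": "^4.17.21",
 "nanoid": "^5.0.9",
 "next": "15.1.5",
-"next-auth": "^4.24.11",
+"next-auth": "^4.24.13",
 "react": "^19.0.0",
 "react-dom": "^19.0.0",
 "react-icons": "^5.4.0",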

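--- a/src/pages/api/auth/[...nextauth].ts
+++ b/src/pages/api/auth/[...nextauth].ts
@@ -3,7 +3,22 @@ import GoogleProvider from "next-auth/providers/google";
 import GithubProvider from "next-auth/providers/github";
 
 import { logger } from "@/services/logger";
+
 export const authOptions: NextAuthOptions = {
+// Enable debug mode for troubleshooting
+debug: process.env.NODE_ENV === "development",
+// Custom logger for better troubleshooting
+logger: {
+error(code, metadata) {
+logger.error(`NextAuth error: ${code}`, metadata);
+},
+warn(code) {
+logger.warn(`NextAuth warning: ${code}`);
+},
+debug(code, metadata) {
+logger.debug(`NextAuth debug: ${code}`, metadata);
+},
+},
 // Configure one or more authentication providers
 providers: [
 GithubProvider({
@@ -21,13 +36,25 @@ export const authOptions: NextAuthOptions = {
 },
 callbacks: {
 async signIn({ user, account, profile }) {
-if (user.email === process.env.ALLOWED_USERS) {
-logger.info("User allowed to sign in");
+logger.info(
+`Sign in attempt: user=${user.email}, provider=${account?.provider}`,
+);
+
+const allowedUsersEnv = process.env.ALLOWED_USERS || "";
+const allowedUsers = allowedUsersEnv
+.split(",")
+.map((email) => email.trim().toLowerCase())
+.filter((email) => email.length > 0);
+
+const userEmail = user.email?.toLowerCase() || "";
+
+if (userEmail.length > 0 && allowedUsers.includes(userEmail)) {
+logger.info(`User ${user.email} allowed to sign in`);
 
 return true;
 }
 logger.error(
-`User ${user.email} not allowed to sign in as they are not in the allowed users list ${process.env.ALLOWED_USERS}`,
+`User ${user.email} not allowed to sign in as they are not in the allowed users list`,
 );
 logger.error(`User object: ${JSON.stringify(user)}`);
 logger.error(`Account object: ${JSON.stringify(account)}`);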
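Review bot: The rejection path at the end of the second hunk still writes `JSON.stringify(account)` to the error log, and for OAuth providers NextAuth's `account` object normally carries `access_token`, `id_token` and sometimes `refresh_token`, so every denied login would put bearer credentials into the log stream. The commit already drops the allow-list from the message just above; the same treatment fits here, for example `logger.error(`Rejected sign-in: provider=${account?.provider}, providerAccountId=${account?.providerAccountId}`);` in place of the two object dumps. The new `Sign in attempt` line also records the raw e-mail address at info level on every attempt, which deserves a deliberate decision about log retention and who can read those logs. The allow-list matches on `user.email` alone, so it depends on each provider returning a verified address; that cannot be confirmed from these lines, and the body of `signIn` continues past the last visible line.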
