SupabaseS
Supabase2y ago
zendev

OAuth sign in not working properly in production hosted on Vercel

I'm using Next.js 13.5 (pages router) with Supabase for auth and db. I am using google oauth. I have a middleware file that checks auth conditions when a user navigates to a new route, and if there is no user currently signed in, it redirects back to the signin page.

This all works exactly as expected in my local dev environment, but on Vercel, even after successfully signing in with OAuth, the middleware continuously redirects back to signin. The strange part is that the user is present even in prod, because my useUser() hook correctly returns the User object. Even stranger is that if I hard reload the page, everything works as expected.

Here is my middleware file for reference, any help would be greatly appreciated!
import { createMiddlewareClient } from "@supabase/auth-helpers-nextjs";
import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";

export async function middleware(req: NextRequest) {

  const res = NextResponse.next();
  
  const supabase = createMiddlewareClient({ req, res });
  const {
    data: { session },
  } = await supabase.auth.getSession();

  route
  if (
    req.nextUrl.pathname === "/signin" ||
    req.nextUrl.pathname === "/" ||
    req.nextUrl.pathname === "/onboarding"
  ) {
    return res;
  }

  if (session) {
    if (session.user.user_metadata.onboarded) {
      return res;
    } else if (!session.user.user_metadata.onboarded) {
      const redirectUrl = req.nextUrl.clone();
      redirectUrl.pathname = "/onboarding";
      redirectUrl.searchParams.set(`redirectedFrom`, req.nextUrl.pathname);
      return NextResponse.redirect(redirectUrl);
    }
  }
  const redirectUrl = req.nextUrl.clone();
  redirectUrl.pathname = "/signin";
  redirectUrl.searchParams.set(`redirectedFrom`, req.nextUrl.pathname);
  return NextResponse.redirect(redirectUrl);
}

export const config = {
  matcher: [
"/((?!api|trpc|_next/static|_next/image|favicon.ico).*)",
  ],
};
Was this page helpful?