I have a Next js application that uses Next Auth. While in development I continuously keep getting that warning stipulating that I need to set a secret but I don't know where I should set it.
Following this reference I see I just need to run openssl rand -base64 32 to get a secret but I have no Idea where to put it
In the [...nextauth].js outside provider and callback you can set the secret and it's value. As it is recommended to store such values in environment variable you can do the following
export default NextAuth({
providers: [
],
callbacks: {
},
secret: process.env.JWT_SECRET,
});
You should insert the command openssl rand -base64 32in your Linux terminal, then it will generate a Token to use it on an .env file with the variable name NEXTAUTH_SECRET=token_generated. So the error [next-auth][warn][NO_SECRET] will not be showed again on console.
In my case i had to upgrade next and next-auth module to the latest version.
next@12.1.6 and next-auth@4.5.0 worked for me.
NEXTAUTH_SECRET=secret string here
You can generate secret key using this command line openssl rand -base64 32 in command prompt or windows power shell.
And in the next-auth configuration [...nextauth].ts file
export default NextAuth({
providers: [
],
callbacks: {
},
secret: process.env.NEXTAUTH_SECRET,
});
It is said if secret is not defined in [...nextauth].ts, it loads NEXTAUTH_SECRET from env, but I added it and works like charm. :)
I had this problem recently on a Vercel deployment
I solved it with the following steps:
NEXTAUTH_URL and NEXTAUTH_SECRET on .env (the URL is your domain and the secret is any hash)NEXTAUTH_SECRET on your Environment Variables (same secret of your .env)I'm using middleware and the code is:
export { default } from "next-auth/middleware"
export const config = { matcher: ["/admin/dashboard/", "/admin/dashboard/:path*"] }
