Module breaks with @auth/core@latest

[outofthisworld]

Environment

• Operating System: Darwin
• Node Version: v19.9.0
• Nuxt Version: 3.9.3
• CLI Version: 3.10.0
• Nitro Version: 2.8.1
• Package Manager: pnpm@8.2.0
• Builder: -
• User Config: devtools, modules, authJs, runtimeConfig
• Runtime Modules: nuxt-security@1.0.1, @hebilicious/authjs-nuxt@0.3.5
• Build Modules: -

Reproduction

Fairly obvious :)

Describe the bug

Fresh project, latest auth core, issue hitting /api/auth/session endpoint.

Additional context

No response

Logs

Stacktrace:


[auth][error] UnknownAction: Cannot parse action at /api/auth/session .Read more at https://errors.authjs.dev#unknownaction
    at parseActionAndProviderId (file:///Users/daleappleby/Desktop/remix/proxylistnuxt/node_modules/.pnpm/@auth+core@0.22.0/node_modules/@auth/core/lib/utils/web.js:102:15)
    at toInternalRequest (file:///Users/daleappleby/Desktop/remix/proxylistnuxt/node_modules/.pnpm/@auth+core@0.22.0/node_modules/@auth/core/lib/utils/web.js:32:40)
    at Auth (file:///Users/daleappleby/Desktop/remix/proxylistnuxt/node_modules/.pnpm/@auth+core@0.22.0/node_modules/@auth/core/index.js:65:35)
    at <anonymous> (/Users/daleappleby/Desktop/remix/proxylistnuxt/node_modules/.pnpm/@hebilicious+authjs-nuxt@0.3.5_@auth+core@0.22.0_nuxt@3.9.3/node_modules/@hebilicious/authjs-nuxt/dist/runtime/lib/server.mjs:23:28)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Object.handler (file:///Users/daleappleby/Desktop/remix/proxylistnuxt/node_modules/.pnpm/h3@1.10.0/node_modules/h3/dist/index.mjs:1676:19)
    at async toNodeHandle (file:///Users/daleappleby/Desktop/remix/proxylistnuxt/node_modules/.pnpm/h3@1.10.0/node_modules/h3/dist/index.mjs:1886:7)
    at async ufetch (file:///Users/daleappleby/Desktop/remix/proxylistnuxt/node_modules/.pnpm/unenv@1.9.0/node_modules/unenv/runtime/fetch/index.mjs:9:17)
    at async $fetchRaw2 (file:///Users/daleappleby/Desktop/remix/proxylistnuxt/node_modules/.pnpm/ofetch@1.3.3/node_modules/ofetch/dist/shared/ofetch.00501375.mjs:219:26)
    at async $fetch2 (file:///Users/daleappleby/Desktop/remix/proxylistnuxt/node_modules/.pnpm/ofetch@1.3.3/node_modules/ofetch/dist/shared/ofetch.00501375.mjs:261:15)
[nuxt] [request error] [unhandled] [400] [GET] "/api/auth/session": 400 
  at process.processTicksAndRejections (node:internal/process/task_queues:95:5)  
  at async $fetch2 (./node_modules/.pnpm/ofetch@1.3.3/node_modules/ofetch/dist/shared/ofetch.00501375.mjs:261:15)  
  at async ./node_modules/.pnpm/@hebilicious+authjs-nuxt@0.3.5_@auth+core@0.22.0_nuxt@3.9.3/node_modules/@hebilicious/authjs-nuxt/dist/runtime/plugin.mjs:15:17  
  at async setup (./virtual:nuxt:/Users/daleappleby/Desktop/remix/proxylistnuxt/.nuxt/plugins/server.mjs:36:116)  
  at async Object.callAsync (./node_modules/.pnpm/unctx@2.3.1/node_modules/unctx/dist/index.mjs:72:16)  
  at async applyPlugin (./node_modules/.pnpm/nuxt@3.9.3_vite@5.0.11/node_modules/nuxt/dist/app/nuxt.js:116:25)  
  at async executePlugin (./node_modules/.pnpm/nuxt@3.9.3_vite@5.0.11/node_modules/nuxt/dist/app/nuxt.js:152:9)  
  at async Module.applyPlugins (./node_modules/.pnpm/nuxt@3.9.3_vite@5.0.11/node_modules/nuxt/dist/app/nuxt.js:160:5)  
  at async createNuxtAppServer (./node_modules/.pnpm/nuxt@3.9.3_vite@5.0.11/node_modules/nuxt/dist/app/entry.js:24:7)  
  at async default (./node_modules/.pnpm/@nuxt+vite-builder@3.9.3_vue@3.4.14/node_modules/@nuxt/vite-builder/dist/runtime/vite-node.mjs:33:18)

[leandrocmaia]

+1 same here

"@auth/core": "^0.22.0",
"@hebilicious/authjs-nuxt": "^0.3.5",

Downgrading @auth/core to 0.17.0 works.

[alxpereira]

• 1, also solved by downgrading to 0.17.0 @auth/core

[thunfisch987]

This is especially sad cause @auth/core just added (experimental) passkey support

[mak33v]

same

[Hebilicious]

On each new release, authjs tends to break things.

Since this package is not official (I've contacted their team but they are not interested in prioritising Nuxt support), on every authjs minor semver update, this package might need to be updated by trying to figure out what changed on the auth/core side and doing the necessary changes here.

Obviously this isn't sustainable, especially since I don't personally use authjs, or this module anymore.
It should be possible for anyone that do use this module to either patch or submit a PR to make it work with the latest version.

[Shhu]

Sad to hear that but i understand your position, it looks like it's time to migrate to Lucia for me.

[levisticum]

I ran into the same problem, which seemed to be introduced with core v0.22 here

It's where basePath is set to default to /auth when not specified in AuthConfig. However since I followed the basic example, the basePath for me was actually /api/auth (folder structure: /server/api/auth/[...].ts).

Setting the basePath to /api/auth solved the issue for me and I was able to run core v.0.26.3. As I'm still in early development phase I can't guarantee that everything works though. I tested it with Azure AD B2C as provider.

Hope I could help :)

[Hebilicious]

Thanks for investigation @levisticum !
I think this deserves a doc inclusion and we can close this then.

@Shhu I think Lucia is great and https://github.com/Atinux/nuxt-auth-utils is another potential alternative. But it seems that auth.js is quite popular and with a few extra contributors, I believe things can keep moving forward.

However I think the split between this module/sidebase and nextauth/auth.js is overall bad for the ecosystem.

[Q16solver]

Yeah, it's unfortunate that the authjs team isn't willing to upstream this to an official repo, but having multiple repos using the same auth stack trying to solve the exact same issue is just splitting the community up. Imo, it does make sense to stick to authjs instead of next-auth though, since that's what the authjs team is planning ahead for, and it makes sense to future proof the auth solution. Maybe there's a need to consolidate this module and sidebase module so there's more maintainers working on the same thing