Asked 27/2, 2022 at 6:25 Answered 3/10, 2022 at 7:29

next.js facebook-authentication next-auth

I'm working on a Facebook clone code along. I am pretty new to Next.js

it throws an error at me which I'm not sure if it is standard or some bug in my code.

https://next-auth.js.org/warnings#no_secret
[next-auth][warn][NO_SECRET]

Can anyone explain it please ?

[...nextauth].js
import NextAuth from "next-auth"
import FacebookProvider from "next-auth/providers/facebook";

export default NextAuth({
    // Configure one or more authentication providers
    providers: [
        FacebookProvider({
            clientId: process.env.FACEBOOK_CLIENT_ID,
            clientSecret: process.env.FACEBOOK_CLIENT_SECRET
        })
    ]
})

import '../styles/globals.css'
import {SessionProvider} from "next-auth/react"

function MyApp({ Component, pageProps }) {
  return (
    <SessionProvider>
      <Component {...pageProps} />
    </SessionProvider>
  
  )}

export default MyApp

FACEBOOK_CLIENT_ID=495472355295570
FACEBOOK_CLIENT_SECRET=secret is from facebook for developers
NEXTAUTH_URL=http://localhost:3000```

Matrilateral answered 27/2, 2022 at 6:25 Comment(1)

You need to provide a secret in production, see next-auth.js.org/configuration/options#secret. – Carver 27/2, 2022 at 14:25

NEXTAUTH_URL is the canonical URL of your site.

for development, NEXTAUTH_URL looks like

NEXTAUTH_URL=http://localhost:3000/

for production, NEXTAUTH_URL looks like

NEXTAUTH_URL=http://officialrajdeepsingh.dev

Read more about NEXTAUTH_URL details of docs https://next-auth.js.org/configuration/options

Stopper answered 20/7, 2022 at 11:8 Comment(2)

what is this officialrajdeepsingh.dev? – Subordinate 5/8, 2022 at 14:45

NEXTAUTH_URL=your-domain.com or NEXTAUTH_URL=officialrajdeepsingh.dev both same the basic meaning of that pass domain name. for example I pass officialrajdeepsingh.dev – Stopper 14/8, 2022 at 8:17

For your production phase, e.g. let's say your're deploying on Vercel. You need your app's secret key.
Further readings. what is missings secret and what is secret

To fix:

You need your application's secret which can be generated via this like by varcel
You set NEXTAUTH_SECRET in your .env.local like

NEXTAUTH_SECRET=af017d04a8083251abdebb81b1fbb498
You add your secret to the file [...nextauth].js like this(process.env.NEXTAUTH_SECRET) because you don't want to expose the key.
...
export default NextAuth({
...
providers: [...],
secret: process.env.NEXTAUTH_SECRET,
...
})
You add your secret on your vercel project like this.

That's all, the problem should be gone. Unless you deploy on other platform, the configuration might be different.

Hollands answered 3/10, 2022 at 7:29 Comment(0)

-1

Try this:

[...nextauth].js
import NextAuth from "next-auth"
import FacebookProvider from "next-auth/providers/facebook";

export default NextAuth({
    // Configure one or more authentication providers
    providers: [
        FacebookProvider({
            clientId: process.env.FACEBOOK_CLIENT_ID,
            clientSecret: process.env.FACEBOOK_CLIENT_SECRET
        })
    ],
secret: process.env.YOUR_SECRET
})

Just add the secret and it should be ok

Misspeak answered 17/6, 2022 at 12:15 Comment(0)

for development, NEXTAUTH_URL looks like

for production, NEXTAUTH_URL looks like

To fix:

Recommended topics

Hot tags