How to avoid warning message when getting user information on Next.js 13 server components with Auth0
Asked Answered
A

1

11

I'm trying to move a Next.js app with Auth0 authentication to the new app router. I understand the limitations of server components not being able to write cookies, but I'm getting a message that is confusing.

My understanding is that if I need to get user info on a server component, I need to use the 'getSession' function from '@auth0/nextjs-auth0', which is not available for client components.

However, every time I call it, the server console logs the following message (not labeled as an error or warning): "nextjs-auth0 is attempting to set cookies from a server component".

I am not trying to set any cookies, only get the user information. Can anyone help me understand why this call to 'getSession' makes the component set cookies? Also, is it safe to ignore this message if I'm not really trying to set cookies?

Thanks in advance.

Added code: the complete solution is somewhat complex but this code illustrates my question. This is a simple SSR component that gets the user name from the server session (as specified in Auth0's format):

import { getSession } from '@auth0/nextjs-auth0';

export default async function Profile() {
    const session = await getSession();

    return (
    <div>
        HELLO {session?.user?.name}
    </div>
    )
}

In the above code, every time getSession is called the server console emits the message "nextjs-auth0 is attempting to set cookies from a server component".

I'm not explicitly trying to set cookies, just get the user's information. I would like to understand why this happens and what are the effects of ignoring the message.

Again, thanks in advance for any help.

Abundant answered 1/8, 2023 at 17:19 Comment(2)
can you share your code for better understanding your question?Overthrust
Hello @KannuMandora, thanks for the quick reply. I have amended my question with the code for the relevant server-side component.Abundant
C
12

I was perplexed by this, too, so I stepped through the code associated with getSession (in my case, this was being called by withPageAuthRequired). It looks like, because of default configuration in @auth0/nextjs-auth0, any time you access the cached session on your server, an attempt is made to automatically set new cookies (code here). I stopped this behavior and the warning with AUTH0_SESSION_AUTO_SAVE=false after finding this PR. If we decide to reenable rolling sessions in our project, I'll follow the advice here.

Chiachiack answered 31/8, 2023 at 11:26 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.