Bug #132 seems to be a problem in 0.7.4 against Payload 3.61.1 #153

@rikrose

Describe the bug
After using Google OIDC (I haven't tested others), the redirect to /admin uses a GET to /api/{collection}/me to retrieve the logged-in user. This fails with a null user, unless the collection has auth: useSessions set to false. As a result, you're presented with the login page again.

To Reproduce
Install Payload 3.61.1, payload-auth-plugin 0.7.4. The AfterLogin component is straight from the example on the website, as is the AdminAccounts collection.

export default buildConfig({
  admin: {
    user: AdminUsers.slug,
    importMap: {
      baseDir: path.resolve(dirname),
    },
    components: {
      // biome-ignore lint/security/noSecrets: Payload component
      afterLogin: ['@/components/AfterLogin/index#AdminLogin'],
    },
  },
  bin: [
    {
      scriptPath: path.resolve(dirname, 'seed.ts'),
      key: 'seed',
    },
  ],
  serverURL: process.env.NEXT_PUBLIC_SERVER_URL,
  collections: [AdminAccounts, AdminUsers, Pages],
  editor: lexicalEditor(),
  secret: process.env.PAYLOAD_SECRET || '',
  typescript: {
    outputFile: path.resolve(dirname, 'payload-types.ts'),
  },
  db: postgresAdapter({
    pool: {
      connectionString: process.env.DATABASE_URI || '',
    },
  }),
  plugins: [
    // storage-adapter-placeholder
    authPlugin({
      name: 'admin',
      useAdmin: true,
      allowOAuthAutoSignUp: false,
      usersCollectionSlug: AdminUsers.slug,
      accountsCollectionSlug: AdminAccounts.slug,
      successRedirectPath: '/admin/collections',
      errorRedirectPath: '/admin/signin',
      providers: [
        GoogleAuthProvider({
          client_id: process.env.GOOGLE_CLIENT_ID as string,
          client_secret: process.env.GOOGLE_CLIENT_SECRET as string,
        }),
      ],
    }),
  ],
})

export const AdminUsers: CollectionConfig = withUsersCollection({
  slug: 'adminUsers',
  admin: {
    useAsTitle: 'email',
  },
  access: {
    admin: () => { console.log('beep'); return true }, 
  },
  auth: {
    disableLocalStrategy: true,
  },
  fields: [
    {
      name: 'email',
      type: 'email',
      required: true,
      label: 'Email',
    },
  ],
  timestamps: true,
})

seed.ts:

import type { SanitizedConfig } from 'payload'

import payload from 'payload'

// Script must define a "script" function export that accepts the sanitized config
export const script = async (config: SanitizedConfig) => {
  await payload.init({ config })

  await payload.create({
    collection: 'adminUsers',
    data: {
      email: '<add your google account email here>',
    },
  })

  payload.logger.info('Successfully seeded!')
  process.exit(0)
}

Expected behavior
After signing in with Google OIDC, the admin console page is presented.

Desktop (please complete the following information):

  • OS: Windows 11
  • Browser: Chrome
  • Version: 142.0.7444.176
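
One way to narrow down the symptom reported above, added here as an example and not code from the issue, Payload, or payload-auth-plugin: decode the claims of the token set after the OIDC redirect and report why a session-checked `/me` lookup would come back with no user. It assumes the session id travels in a `sid` claim and that the user document carries a `sessions` array of `{ id, expiresAt }` entries; the function names and all sample tokens are constructed for illustration.

```javascript
// Added diagnostic sketch, not code from Payload or payload-auth-plugin.
// Assumptions: session id claim is `sid`; user doc has `sessions: [{ id, expiresAt }]`.

// Decode the claims segment of a JWT without verifying the signature (diagnosis only).
function decodeClaims(token) {
  const parts = String(token).split('.')
  if (parts.length !== 3) return null
  try {
    return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'))
  } catch {
    return null
  }
}

// Return the reason a session-checked lookup would yield no user, or 'ok'.
function explainMe(token, userDoc, useSessions, now = Date.now()) {
  const claims = decodeClaims(token)
  if (!claims) return 'malformed-token'
  if (typeof claims.exp === 'number' && claims.exp * 1000 <= now) return 'token-expired'
  if (!useSessions) return 'ok' // no server-side session lookup in this mode
  if (!claims.sid) return 'no-sid-claim'
  const session = (userDoc.sessions || []).find((s) => s.id === claims.sid)
  if (!session) return 'session-not-found'
  if (new Date(session.expiresAt).getTime() <= now) return 'session-expired'
  return 'ok'
}

// Constructed sample data: tokens with a placeholder signature and a user document.
const b64 = (o) => Buffer.from(JSON.stringify(o)).toString('base64url')
const makeToken = (claims) => `${b64({ alg: 'HS256', typ: 'JWT' })}.${b64(claims)}.placeholder`
const NOW = Date.parse('2025-01-01T00:00:00Z')
const exp = NOW / 1000 + 3600
const user = { id: 1, sessions: [{ id: 's-1', expiresAt: '2025-01-01T01:00:00Z' }] }
const samples = {
  withoutSid: makeToken({ id: 1, collection: 'adminUsers', exp }),
  withSid: makeToken({ id: 1, collection: 'adminUsers', sid: 's-1', exp }),
  staleSid: makeToken({ id: 1, collection: 'adminUsers', sid: 's-0', exp }),
}

// Print the verdict for each sample with session checking on, then off.
for (const [name, token] of Object.entries(samples)) {
  console.log(name, explainMe(token, user, true, NOW), explainMe(token, user, false, NOW))
}
```

Signature verification is deliberately skipped here, so the output is for diagnosis only and must never feed an authorization decision.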
