NEXTAUTH_URL breaks ability to login or obtain CSRF token >= 5.0.0-beta.6

[subvertallchris]

I have been using Next Auth 5.0.0-beta.4 for some time now. I am implementing a custom login page as described in #9189 (comment). It uses a very simple CredentialsProvider.

Upon upgrade to 5.0.0-beta.6 or beyond, there are two issues:

• The getCsrfToken function crashes. It reports ClientFetchError: Unexpected end of JSON input .Read more at https://errors.authjs.dev#autherror. I think this is due to the second error
• Manually browsing to /api/auth/csrf fails to load. The server log says TypeError: next_dist_server_web_exports_next_request__WEBPACK_IMPORTED_MODULE_0__ is not a constructor

The stack trace points me to reqWithEnvURL.

I am confident this is related to the change here #9687. I am setting NEXTAUTH_URL because my local dev environment is localhost:3000. and when I clear that out, I am able to get a token and there are no errors on the page; however, the signOut() function takes me to the default localhost:3000 page and from there, signIn() takes me to the equivalent localhost page as well.

If I explicitly set basePath in auth.ts and provide both basePath and baseUrl to <SessionProvider>, I'm able to use the NEXTAUTH_URL environment variable, the signIn() function takes me to the right page, and I can login. But signOut() keeps sending me back to localhost:3000, even when explicitly setting a callbackUrl.

This seems like a bug or a new configuration change was missed when upgrading to Beta 6.

[ryandils]

has this ever been resolved?

[ryandils]

going through the same thing