Credential provider with custom sign in page and a hostname with signin word gets replaced by callback #13142
Description
Environment
System:
OS: macOS 15.3.2
CPU: (8) arm64 Apple M1 Pro
Memory: 155.50 MB / 16.00 GB
Shell: 5.9 - /bin/zsh
Binaries:
Node: 22.13.1 - ~/.nvm/versions/node/v22.13.1/bin/node
Yarn: 1.22.22 - ~/.nvm/versions/node/v22.13.1/bin/yarn
npm: 10.9.2 - ~/.nvm/versions/node/v22.13.1/bin/npm
pnpm: 10.1.0 - ~/.nvm/versions/node/v22.13.1/bin/pnpm
Browsers:
Chrome: 138.0.7204.169
Safari: 18.3.1
npmPackages:
@auth/unstorage-adapter: ^2.0.0 => 2.10.0
next: ^14.2.28 => 14.2.28
next-auth: 5.0.0-beta.22 => 5.0.0-beta.22
react: ^18.2.0 => 18.3.
Reproduction URL
https://github.com/rachirib/next-auth-example-signin
Describe the issue
When a credentials provider is setup with a custom login page and its hostname that has the word signin, the authentication workflow gets broken because the word is replaced by callback.
We found out about this because we have a vercel environment and I created a branch with signin and the entire authentication system was not functioning correctly.
This piece of code it might be related
next-auth/packages/next-auth/src/lib/actions.ts
Lines 65 to 67 in 39dd3b9
How to reproduce
https://github.com/rachirib/next-auth-example-signin?tab=readme-ov-file#reproduction-steps
Expected behavior
I'm not sure the intention of this replacement code,
next-auth/packages/next-auth/src/lib/actions.ts
Lines 65 to 67 in 39dd3b9
but it might be that the hostname should not be replaced so authentication call can flow in the right domain.