Deploying on Vercel leads to 500 error for ssr-auth-required and ssr-no-token

Question

Deploying on Vercel leads to 500 error for ssr-auth-required and ssr-no-token

MvRemmerden opened this issue 2 years ago · 6 comments

Describe the bug

When deploying the example via Vercel, the ssr-auth-required and ssr-no-token examples lead to a 500 error. When looking at the logs in Vercel, the reason was that the api/example endpoint gives 400 response.

Interestingly it only did so for the token authentication, but not for the cookie authentication. When searching for why that could be the case, I came across this StackOverflow answer that states that Vercel strips the Authorization header in certain circumstances: https://stackoverflow.com/a/71516546

Following their proposal to rename Authorization to x_authorization did solve the problem for me.

Versions

next-firebase-auth version: 1.0.0-canary.19
Firebase JS SDK: 9.19.1
Next.js: 13.3.0

Answer 1 · 2023-04-18T15:13:44.000Z

Are you suggesting any particular changes to this package? It's already possible to use any header you want to pass the ID token (see #520)—though I see that the README needs to be updated to include that info.

Answer 2 · 2023-04-18T16:34:24.000Z

@kmjennison What do you think about changing the default to a way that works with Vercel? My assumption would be that Vercel is the main provider people will be using, and if this package doesn't work out of the box, but requires configuration changes, that's not a great first experience.

Otherwise, we could leave a comment in the code linking to the StackOverflow discussion.

Answer 3 · 2023-04-18T19:24:55.000Z

@MvRemmerden Do you know how to reproduce the Vercel problem? The demo for this project deploys on Vercel without a problem using the Authorization header, as does another project I've worked on. This issue is the first I've seen of this problem, which makes me wonder if it's caused by some non-standard Vercel configuration.

Answer 4 · 2023-04-18T22:33:51.000Z

I have a minimal and functional project live where that's the case, but it's private. Should I invite you to the repo and Vercel project?

Answer 5 · 2023-04-19T01:23:08.000Z

Would you be willing to clone and deploy the demo app publicly to your Vercel? That would be the most helpful reproduction of the problem.

Answer 6 · 2023-07-22T14:34:48.000Z

Closing until there's a reproduction with a common Vercel use-case.