Try to use Caddy as a reverse proxy with NextAuth

Spt117 · April 9, 2024, 10:21pm

1. The problem I’m having:

I am trying to use NextAuth (google oauthclient) in my next js application with caddy as a reverse proxy

2. Error messages and/or full log output:

`After clicking on my google account, I am redirected to localhost instead of my domain name :

http://localhost:3000/api/auth/callback/google?state=7KW1XPuetcDsfDJBtAi8_Q0RrOKHdQGboJFyVTgA56I&code=4%2F0AeaYSHDrgDSSPaHspCPIz3UwzXzvJlfHx5dMV-Nh1TATfjH4akbdHjz0tkViuF5gJBImCA&scope=email+profile+openid+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&authuser=0&prompt=consent

instead of

https://myAppDomain.com/api/auth/callback/google?state=7KW1XPuetcDsfDJBtAi8_Q0RrOKHdQGboJFyVTgA56I&code=4%2F0AeaYSHDrgDSSPaHspCPIz3UwzXzvJlfHx5dMV-Nh1TATfjH4akbdHjz0tkViuF5gJBImCA&scope=email+profile+openid+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&authuser=0&prompt=consent
`

3. Caddy version:

v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=

4. How I installed and ran Caddy:

a. System environment:

I have a vps server with ubuntu. I use PM2 for the production of my app.

b. Command:

c. Service/unit/compose file:

d. My complete Caddy config:

    reverse_proxy localhost:3000 {
        header_up X-Forwarded-Proto {scheme}
        header_up X-Forwarded-For {remote_host}
    }
    encode gzip
    header {
        Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';"
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
        Referrer-Policy "strict-origin-when-cross-origin"
        Feature-Policy "camera 'none'; microphone 'none'; geolocation 'none'"
    }
    log {
        output stdout
    }
}

:80 {
        root * /usr/share/caddy
        file_server
}```

### 5. Links to relevant resources:
<!-- Optional, but can help get us on the same page quickly. -->

francislavoie · April 10, 2024, 8:08pm

Please mind your post’s formatting. Code blocks start with triple-backticks ``` on their own line, and closing with another set of triple-backticks on their own line.

You can remove these lines, they aren’t useful. See the docs: reverse_proxy (Caddyfile directive) — Caddy Documentation

You should remove this as well.

This doesn’t seem like an issue with Caddy.

That sounds like a problem either with your config on your Google account, or a problem with your upstream app (localhost:3000). Make sure your app is configured with your actual domain name instead of localhost:3000.

Spt117 · April 10, 2024, 9:00pm

Oops, sorry, you can close the topic anyway, I finally found the solution !

francislavoie · April 10, 2024, 9:47pm

Spt117 · April 11, 2024, 12:44pm

I had simply put NEXT_AUTH_URL instead of NEXTAUTH_URL in my .env