Next auth => JWEDecryptionFailed: decryption operation failed

Question

[...nextauth]/route.js file

import { User } from "@/lib/models";
import { connectToDb } from "@/lib/utils";
import NextAuth from "next-auth";
import GitHubProvider from "next-auth/providers/github";

export const authOptions = {
    secret:process.env.AUTH_SECRET,
    providers:[
        GitHubProvider({
            clientId: process.env.GITHUB_ID,
            clientSecret: process.env.GITHUB_SECRET,
        }),
    ],
    callbacks:{
        async signIn({user, account, profile})
        {
            // console.log(user, account, profile);
            if (account.provider === "github")
            {
                connectToDb()
                try {
                    const user = await User.findOne({email:profile.email});

                    if (!user)
                    {
                        const newUser = new User({
                            username:profile.login,
                            email:profile.email,
                            image:profile.avatar_url,
                            password:"123456",
                        });

                        await newUser.save();
                    }
                } catch (error) {
                    console.log(error);
                    return false;
                }
                return true;
            }
        }
    },
};

export const handlers = NextAuth(authOptions);
export {handlers as GET, handlers as POST};

.env file

#TERMINAL INPUT >> openssl rand -base64 32

AUTH_SECRET = aISfOz91Gp66KGHMIUsDI63z+56dv7yjIr+vN96IkHE=
AUTH_URL = http://localhost:3000/api/auth

ERROR:

[next-auth][error][JWT_SESSION_ERROR]

https://next-auth.js.org/errors#jwt_session_error decryption operation failed {
  message: 'decryption operation failed',
  stack: 'JWEDecryptionFailed: decryption operation failed\n' +
    '    at gcmDecrypt (webpack-internal:///(rsc)/./node_modules/jose/dist/node/cjs/runtime/decrypt.js:68:15)\n' +
    '    at decrypt (webpack-internal:///(rsc)/./node_modules/jose/dist/node/cjs/runtime/decrypt.js:91:20)\n' +
    '    at flattenedDecrypt (webpack-internal:///(rsc)/./node_modules/jose/dist/node/cjs/jwe/flattened/decrypt.js:137:52)\n' +
    '    at async compactDecrypt (webpack-internal:///(rsc)/./node_modules/jose/dist/node/cjs/jwe/compact/decrypt.js:20:23)\n' +
    '    at async jwtDecrypt (webpack-internal:///(rsc)/./node_modules/jose/dist/node/cjs/jwt/decrypt.js:10:23)\n' +
    '    at async Object.decode (webpack-internal:///(rsc)/./node_modules/next-auth/jwt/index.js:44:25)\n' +
    '    at async Object.session (webpack-internal:///(rsc)/./node_modules/next-auth/core/routes/session.js:25:34)\n' +
    '    at async AuthHandler (webpack-internal:///(rsc)/./node_modules/next-auth/core/index.js:161:37)\n' +
    '    at async getServerSession (webpack-internal:///(rsc)/./node_modules/next-auth/next/index.js:126:21)\n' +
    '    at async RootLayout (webpack-internal:///(rsc)/./src/app/layout.js:31:21)',
  name: 'JWEDecryptionFailed'
}

package version: latest

How to solve this problem🤔 and why my code was wrong?

I added AUTH_SECRET in .env and secret but it still error. I found https://next-auth.js.org/errors#jwt_session_error in the docs but does not really help I have no idea to solve it XD

Answer 1

Have you tried using NEXTAUTH_SECRET instead AUTH_SECRET? As stated in documentation https://next-auth.js.org/configuration/options