Next Auth getSession not working in api routes

Question

So basically I use getServerSideProps to call some APIs. when I call getSession in getServerSideProps() I get a valid object.

export async function getServerSideProps({ req }) {
   const session = await getSession({ req }); // works

But when I call it in the API that is called in that getServerSideProps() function, I get null.

import { getSession } from "next-auth/react";

export default async (req, res) => {
  const { db } = await connectToDatabase();

  const session = await getSession({ req }); // returns null

Here is NextAuth documentation for reference:

When making a request from the server (inside `getServerSideProps`), cookies are not sent automatically in the request like it happens when making a request from a browser (see [Why are cookies not sent to the server via getServerSideProps in Next.js?](https://stackoverflow.com/questions/69057271/why-are-cookies-not-sent-to-the-server-via-getserversideprops-in-next-js)). Meaning `getSession` will fail to retrieve a session since no cookies are present on the request in the API route. — juliomalves, Mar 18 '22 at 18:37
However, in this case, you should use the logic that's in your API route directly inside `getServerSideProps`, rather than calling your internal API - see [Internal API fetch with getServerSideProps? (Next.js)](https://stackoverflow.com/questions/65752932/internal-api-fetch-with-getserversideprops-next-js). — juliomalves, Mar 18 '22 at 18:37

score 3 · Answer 1 · answered Jul 23 '22 at 20:04

This is very late, but I found the section in the docs where you can get the appropriate session object in API in this section.

Using unstable_getServerSession()

import { unstable_getServerSession } from "next-auth/next"
import { authOptions } from "./api/auth/[...nextauth]"

export default async (req, res) => {
  const session = await unstable_getServerSession(req, res, authOptions)
  if (session) {
    // Signed in
    console.log("Session", JSON.stringify(session, null, 2))
  } else {
    // Not Signed in
    res.status(401)
  }
  res.end()
}

Using getToken()

// This is an example of how to read a JSON Web Token from an API route
import { getToken } from "next-auth/jwt"

export default async (req, res) => {
  // If you don't have NEXTAUTH_SECRET set, you will have to pass your secret as `secret` to `getToken`
  const token = await getToken({ req })
  if (token) {
    // Signed in
    console.log("JSON Web Token", JSON.stringify(token, null, 2))
  } else {
    // Not Signed in
    res.status(401)
  }
  res.end()
}

The most important part is to pass the authOptions that is imported from /api/[...nextauth]

NOTE: getSession is a client API, as in it will only work on getStaticProps

i get this error when trying to import authOptions (Module not found: Can't resolve './api/auth/[...nextauth]'). I have not found anything about this authOptions in the nextjs documentations, unfortunately :( — ranran212, Nov 23 '22 at 18:41
this solves it https://next-auth.js.org/configuration/nextjs#in-api-routes — marko kraljevic, Apr 15 '23 at 17:12

score 0 · Answer 2 · answered Mar 09 '23 at 03:06

have you tried with

import { getServerSession } from "next-auth/next"
import { authOptions } from './api/auth/[...nextauth]'

...

export async function getServerSideProps({ req, res }) {
  return {
    props: {
      session: await getServerSession(req, res, authOptions)
    }
  }
}

This worked for me when I was having the same problem. You can find more in the docs

Next Auth getSession not working in api routes

2 Answers2