request.cookies information missing when using isReqWrapper

[JulianJorgensen]

Environment

System:
OS: macOS 14.0
CPU: (12) x64 Intel(R) Core(TM) i7-8850H CPU @ 2.60GHz
Memory: 258.79 MB / 16.00 GB
Shell: 3.2.57 - /bin/bash
Binaries:
Node: 20.9.0 - ~/.nvm/versions/node/v20.9.0/bin/node
Yarn: 1.10.1 - /opt/local/bin/yarn
npm: 10.1.0 - ~/.nvm/versions/node/v20.9.0/bin/npm
Watchman: 4.9.0 - /usr/local/bin/watchman
Browsers:
Chrome: 119.0.6045.105
Safari: 17.0

npmPackages:
next: ^14.0.1 => 14.0.1
next-auth: ^5.0.0-beta.3 => 5.0.0-beta.3
react: ^18.2.0 => 18.2.0

npmPackages:
@auth/firebase-adapter: ^1.0.0 => 1.0.0

Reproduction URL

https://github.com/JulianJorgensen/next-auth-v5-custom-middleware-bug

Describe the issue

In v5, when using the custom middleware wrapper as such:

export default auth((req) => {
  console.log('req.cookies', req.cookies)
  return intlMiddleware(req)
})

req.cookies is undefined.
However, it is required by my other middleware intlMiddleware.

How to reproduce

Install v5 and set middleware.js as this:

import { auth } from 'auth';

export default auth((req) => {
  console.log('req.cookies', req.cookies)
  return req
})

Expected behavior

auth() used as a middleware wrapper should return the original request but with just auth appended.

[JulianGerrit]

Running into the same issue here. I want to read some cookies from the original request.

For anyone else running into this, for now, you can read the 'cookie' header as a workaround:

const cookies = request.headers.get("cookie")

This will however return one big string, if you want to get a specific cookie, you have to either use a regex or delimit by ; and split by =:

const keyValues = cookies.split(";");
let valueYouWant = null;
const cookieName = "name-of-your-cookie";

for (const keyValue of keyValues) {
  const [key, value] = keyValue.trim().split("=");
  if (key.trim() === cookieName) {
    valueYouWant = value;
  }
}

Would be much nicer if we could just access request.cookies though.

[dev2xl]

Same issue here. This is breaking for me. I'm using next-i18n-router middleware that internally use request.cookies. Why alter the original request cookies? This is incompatible with other libraries.

[ThomasAunvik]

Seems for me, after updating to [email protected], that fixed the issue.

[dev2xl]

I'm using [email protected] and the issue persist

[dev2xl]

A workaround to get the session on the middleware is:

const session = await NextAuth(authConfig).auth();

[robin-ln]

i think the problem come from this code :
// next-auth/src/lib/index.ts l158

    const request = reqWithEnvUrl(args[0]) // we lose cookies after 

In the function reqWithEnvUrl we have this comment :

  // REVIEW: Bug in Next.js?: TypeError: next_dist_server_web_exports_next_request__WEBPACK_IMPORTED_MODULE_0__ is not a constructor
  // return new NextRequest(new URL(nonBase, base), req)

[hyperse-net]

#9237

[hyperse-net]

it should correct return NextRequest instance with req.cookies, cause of we may need to chain another middlewares (that dependends req.cookies.get('')

[chungweileong94]

The fix from #9795 (which was released in beta.6) caused TypeError: next_dist_server_web_exports_next_request__WEBPACK_IMPORTED_MODULE_0__ is not a constructor as mentioned in the previous code comment.

I wanted to create a small repro for that, however, I only able to reproduce it in my private repo. @balazsorban44 what was the reason that it didn't return NextRequest before, or more specifically, why did the webpack error happen?

Update: I managed to find a way to reproduce it, turns out if we set either AUTH_URL or NEXTAUTH_URL, the error will occur, #9922

[alitavakoli96]

The fix from #9795 (which was released in beta.6) caused TypeError: next_dist_server_web_exports_next_request__WEBPACK_IMPORTED_MODULE_0__ is not a constructor as mentioned in the previous code comment.

I wanted to create a small repro for that, however, I only able to reproduce it in my private repo. @balazsorban44 what was the reason that it didn't return NextRequest before, or more specifically, why did the webpack error happen?

Update: I managed to find a way to reproduce it, turns out if we set either AUTH_URL or NEXTAUTH_URL, the error will occur, #9922

I was pulling my hair out all night trying to figure out the problem, glad its not a me thing, tomorrow I will hopefully wake up to a fix by you wonderful folks, you guys seem to be pumping out these beta's super fast. I too have it in my private repo it was working with "beta" version yesterday and since beta.5 it stopped working.