Skip to content

Commit e8cccdd

Browse files
felmononclaude
andcommitted
Force Node.js runtime on all auth routes to fix fetch failures on Vercel
The auth callback and API routes were running on Edge runtime by default in Next.js 16, causing "fetch failed" errors when @supabase/ssr tried to reach the Supabase token endpoint. Explicitly setting runtime = 'nodejs' ensures reliable network access for the PKCE code exchange and all auth operations. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1 parent b010ae8 commit e8cccdd

6 files changed

Lines changed: 12 additions & 0 deletions

File tree

src/app/api/auth/delete-account/route.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,8 @@ import { createServerClient } from '@/lib/supabase/server';
33
import { createClient } from '@supabase/supabase-js';
44
import { checkRateLimit } from '@/lib/rate-limit';
55

6+
export const runtime = 'nodejs';
7+
68
const DELETE_CONFIRMATION_TEXT = 'DELETE MY ACCOUNT';
79
const RECENT_AUTH_WINDOW_MS = 15 * 60 * 1000;
810

src/app/api/auth/forgot-password/route.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,8 @@ import { createServerClient as createSSRServerClient } from '@supabase/ssr';
33
import { checkRateLimit, AUTH_RATE_LIMITS } from '@/lib/rate-limit';
44
import { getSiteUrlOrThrow } from '@/lib/site-url';
55

6+
export const runtime = 'nodejs';
7+
68
function getClientIP(request: NextRequest): string {
79
return (
810
request.headers.get('x-forwarded-for')?.split(',')[0].trim() ??

src/app/api/auth/login/route.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@ import { NextRequest, NextResponse } from 'next/server';
22
import { createServerClient as createSSRServerClient } from '@supabase/ssr';
33
import { checkRateLimit, AUTH_RATE_LIMITS } from '@/lib/rate-limit';
44

5+
export const runtime = 'nodejs';
6+
57
function getClientIP(request: NextRequest): string {
68
return (
79
request.headers.get('x-forwarded-for')?.split(',')[0].trim() ??

src/app/api/auth/magic-link/route.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@ import { NextRequest, NextResponse } from 'next/server';
22
import { createServerClient as createSSRServerClient } from '@supabase/ssr';
33
import { checkRateLimit, AUTH_RATE_LIMITS } from '@/lib/rate-limit';
44

5+
export const runtime = 'nodejs';
6+
57
function getClientIP(request: NextRequest): string {
68
return (
79
request.headers.get('x-forwarded-for')?.split(',')[0].trim() ??

src/app/api/auth/signup/route.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@ import { NextRequest, NextResponse } from 'next/server';
22
import { createServerClient as createSSRServerClient } from '@supabase/ssr';
33
import { checkRateLimit, AUTH_RATE_LIMITS } from '@/lib/rate-limit';
44

5+
export const runtime = 'nodejs';
6+
57
function getClientIP(request: NextRequest): string {
68
return (
79
request.headers.get('x-forwarded-for')?.split(',')[0].trim() ??

src/app/auth/callback/route.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@ import { NextRequest, NextResponse } from 'next/server';
22
import { createServerClient } from '@supabase/ssr';
33
import type { CookieOptions } from '@supabase/ssr';
44

5+
export const runtime = 'nodejs';
6+
57
/**
68
* Validate the `next` param to prevent open-redirect attacks.
79
* Only allows relative paths on the same origin.

0 commit comments

Comments
 (0)