How to sign-out on nextjs server side? #3670

ivanvinicius · 2024-07-06T00:03:49Z

ivanvinicius
Jul 6, 2024

I want to sign-in only users who have payload.metadata.permission = true, so I verify it on middleware. If user does not have access, I redirect to api/sign-out route handler.

Code below

// midleware.ts
import { clerkMiddleware, createRouteMatcher } from '@clerk/nextjs/server'
import { NextResponse } from 'next/server'

import type { TokenPayload } from './@types/auth'

const isPublicRoute = createRouteMatcher([
  '/auth/sign-in(.*)',
  '/auth/sign-up(.*)',
  '/api(.*)',
])

export default clerkMiddleware((auth, request) => {
  const tokenClaims = auth().sessionClaims as TokenPayload | null
  const userCanAccess = !!tokenClaims?.metadata?.permission

  if (!userCanAccess && !isPublicRoute(request)) {
    const redirectUrl = request.nextUrl.clone()

    redirectUrl.pathname = '/api/auth/sign-out'

    const response = NextResponse.redirect(redirectUrl)

    return response
  }
})

export const config = {
  matcher: ['/((?!.*\\..*|_next).*)', '/', '/(api|trpc)(.*)'],
}

// /api/auth/route.ts (Route handler)
'use server'

import { clerkClient } from '@clerk/clerk-sdk-node'
import { auth } from '@clerk/nextjs/server'
import { NextRequest, NextResponse } from 'next/server'

export async function GET(request: NextRequest) {
  const { sessionId } = auth()

  const redirectUrl = request.nextUrl.clone()

  redirectUrl.pathname = '/auth/sign-in'

  const response = NextResponse.redirect(redirectUrl)

  if (sessionId) {
    try {
      await clerkClient.sessions.revokeSession(sessionId)
    } catch {}
  }

  response.cookies.delete('__cf_bm')
  response.cookies.delete('__clerk_db_jwt')
  response.cookies.delete('__client_uat')
  response.cookies.delete('__session')
  response.cookies.delete('_cfuvid')

  return response
}

After the code runs application go back to sign-in page automatically but, when I try to sign-in again I get a loop of erros saying:

{
    "shortMessage": "Browser unauthenticated",
    "longMessage":  "Unable to authenticate this browser for your development instance. Check your Clerk cookies and try again. If the issue persists reach out to [email protected].",
    "code":         "dev_browser_unauthenticated_code",
}

What I shoud to change in my logic or code?

jescalan · 2024-07-26T16:04:12Z

jescalan
Jul 26, 2024
Maintainer

https://github.com/orgs/clerk/discussions/3829

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Clerk

How to sign-out on nextjs server side? #3670

{{title}}

Replies: 1 comment

{{title}}

Select a reply

Clerk

How to sign-out on nextjs server side? #3670

ivanvinicius Jul 6, 2024

Replies: 1 comment

jescalan Jul 26, 2024 Maintainer

ivanvinicius
Jul 6, 2024

jescalan
Jul 26, 2024
Maintainer