Issue with v^1.0.0-canary.9 Example code

[dan-sproutward]

v^1.0.0-canary.9
Next.js v12.1.6
Firebase v^9.8.0

I am experiencing an issue that I don't think is just me (but I can totally believe if it was.)

When signing out from localhost:3000/stuff/123456, the page fails for both client-side and server-side rendering - I added in the server-side auth to test this additional test case. I know this is an example so not complaining but I fixed this by adding a '/' in front of auth-ssr for the return from authPageURL.

For client-side, give the page a moment and the URL will start changing by continuing to add destination encoded strings.

For server-side, it will spam HTTP 307s and continue to rebuild the URL with destination encoded strings.

From what I can tell, the URL returned without the '/' in front of auth-ssr continues to redirect to stuff page which is declared to require auth. In this case, the first build of destination is this: localhost:3000/stuff/123456/auth-ssr?destination=http%3A%2F%2Flocalhost%3A3000%2Fstuff%2F123456.

Since that URL is supposed to go to the auth-ssr page, it instead tries to hit the stuff page which requires authentication and authPageURL is called again which takes the URL just generated and builds it into a new destination with the old destination encoded.

This logic loops and continues to call authPageURL generating a new auth-ssr destination string with the URL it tried to redirect to the stuff page.

I ran into this with ssr auth and a configuration of "whenUnauthed: AuthAction.REDIRECT_TO_LOGINAuthaction." I found this as I ran into this issue with my project. It is easy to see if you open chrome debugger and look at the network tab.

I won't be surprised if this is just me.

Thanks so much for the library. I tried out a different auth package but it is not updated for React v18. This library does exactly what it needs to.

If you validate the issue, I would be more than happy to submit a PR to fix it(and take some credit for helping out :))

[kmjennison]

Can you reproduce this on the live demo? If not, could you provide a deployed example of it? Thanks!

[dan-sproutward]

My apologies. I just tested the canary branch and it works correctly. I checked canary initAuth example code and it is correct. It is incorrect in the main branch example code as well as the README(see attachment). The main branch does not have the stuff page so I can't demonstrate the break there but I checked initAuth in main and it is missing the '/' in front of auth-ssr. I am flummoxed as to why I thought this was in canary - I even modified stuff to test out SSR locally and I was able to recreate it. No matter and no credit :).