Fix EdgeOne auth runtime configuration

Set trustHost and explicitly provide AUTH_SECRET in NextAuth config so auth routes do not fail host/config validation on non-Vercel platforms like EdgeOne. Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-19 11:41:15 +08:00 · 2026-05-19 11:41:15 +08:00 · 2315647743
commit 2315647743
parent 0ac550c039
1 changed files with 4 additions and 0 deletions
--- a/src/auth/server.ts
+++ b/src/auth/server.ts
@ -8,6 +8,10 @@ export const {
  signOut,
  auth,
 } = NextAuth({
+  // Non-Vercel platforms (e.g. EdgeOne) may not be auto-trusted by Auth.js.
+  // Enabling trustHost prevents auth route 500s caused by host validation.
+  trustHost: true,
+  secret: process.env.AUTH_SECRET,
  providers: [
    Credentials({
      async authorize({ email, password }) {