My netlify link is petfrndly-n2ueq.netlify.app
I am facing some auth issues where the users are unable to log out after the first token refresh (60 minutes). I tried everything but to no avail. So as a temporary measure, I have set up auto deploy every 60 minutes, which seems to at least hide the problem, if not solve it. This may result in 300 minutes (my limit) being exceeded. Since I am from India, I am unable to pay for a pro plan. How can we take this forward? I really need the auto deploy. If not, could you guide me solving the issue with nextauth 5 cookie and token refresh issues? From all my reading and research, it seems to be a Netlify-specific problem. Thanks In advance!
Can you provide the links to what you’re reading that has led you to conclude this?
I don’t use Next, but did a quick google and can see many results for auth issues unrelated to Netlify.
For example:
This issue seems to be unrelated to the one I’m having. I have nextauth 5 configured. The issue basically is that, every time I try to log out after the first token refresh, the session remains authenticated and doesn’t recognise the sign out. This happens only after the refresh. I have tried everything, but a search on perplexity seems to indicate that netlify’s cookie handling may be the issue
As mentioned, I don’t use Next so am not well versed in the various issues it has.
I only provided that thread to demonstrate that it’s not infallible.
It could be, but if that’s an AI tool, it could also just be a wild hallucination.
Are you able to provide any specific reference as to how it’s reached that conclusion?
Knowing what it’s referring to, may point to possible solutions.
Perhaps there is some Netlify related issue, perhaps there’s some known workaround, but Netlify’s staff operate to a Scope of Support, so they generally won’t investigate/debug your project.
Hence the more detail you can provide, the quicker you’ll probably receive some useful information you can act upon.
Which would hopefully be better for you in the long run than needing to run the cron as a workaround.
So I went through the thread and have tried using Redis lock, but it didn’t work on Netlify despite everything running properly in the logs. I moved to Vercel this morning and it’s working flawlessly. So I am 99.99pc sure it’s a Netlify issue.
That’s always a great test, especially when it comes to Next based projects.
As I’m sure you’re aware, Vercel create Next, so it’s largely always going to have better support there.
Netlify’s published known limitations are here:
https://docs.netlify.com/frameworks/next-js/overview/#limitations
Were you able to find the references the AI was drawing from?
Others experiencing the same issue?, an existing Github issue discussion etc?
If there is a Netlify issue, the more info you could provide, and supplying a minimal reproduction they could test with, the more likely you would see their engineers jump on it.
I took your suggestion and started digging deep. So instead of depending on AI, I checked out a few Netlify and Stackoverflow threads. Turns out people were able to solve it by shifting to Vercel. As of now, the sign out functionality is working great after the first token refresh, but I’ll wait for a few more hours to 100pc certain. Thank you for your insights, much appreciated. 
No problem at all.
Which is fair, if I worked with Next, and was using their server side features, I’d host it with Vercel.
You probably needed to set netlify-vary: Caching | Netlify Docs to vary the cache based on a cookie value.
So it could look something like:
/** @type {import('next').NextConfig} */
const config = {
async headers() {
return [
{
source: '/:path*',
headers: [
{
key: 'netlify-vary',
value: 'cookie=__Host-authjs.csrf-token|__Secure-authjs.callback-url|__Secure-authjs.pkce.code_verifier'
}
]
}
]
}
}
export default config
Those are the 3 cookies I found your app is using. If you’re using any other cookies for authentication, you might have to change the above value to match that.