Experiencing "Invalid verifier" error with Google OAuth in Convex Auth

I'm facing an issue where the user session doesn’t persist after a page refresh when using Google OAuth with Convex Auth. The authSessions table remains empty, and I’m seeing an "Invalid verifier" error in the Convex logs. Here’s my Convex backend configuration:

Environment Details
- @convex-dev/auth: ^0.0.84
- convex: ^1.24.0
- Platform: Web (Next.js with App Router)

Convex Backend Configuration (convex/auth.ts)
import Google from "@auth/core/providers/google";
import { convexAuth } from "@convex-dev/auth/server";

export const { auth, signIn, signOut, store, isAuthenticated } = convexAuth({
  providers: [Google],
});

Environment variables (GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET) are set in the Convex dashboard.

Middleware (middleware.ts)
import { convexAuthNextjsMiddleware } from "@convex-dev/auth/nextjs/server";

export default convexAuthNextjsMiddleware(undefined, {
  cookieConfig: { maxAge: 60 * 60 * 24 * 30 },
  verbose: true,
});

export const config = {
  matcher: ["/((?!.*\\..*|_next).*)", "/", "/(api|trpc)(.*)"],
};
Error Logs (Convex Dashboard)
May 14, 19:02:40.454 auth:store info '`auth:store` type: verifyCodeAndSignIn'
May 14, 19:02:40.459 auth:store error 'Invalid verifier'
May 14, 19:02:40.473 success 15ms auth:store
May 14, 19:02:40.474 success 46ms auth:signIn
Is there a solution that works?
36 Replies
ReacherX founder (OP) · 5d ago
@erquhart Can you please take a look at this?
ReacherX founder (OP) · 5d ago
@erquhart Someone also opened an issue on GitHub regarding this 3 weeks ago: https://github.com/get-convex/convex-auth/issues/193
GitHub
Fix Google OAuth session persistence after page refresh · Issue #1...
Description Issue When logging in via Google authentication, the user session doesn't persist after refreshing the browser page. Convex logs show the error message "Invalid verification co...
ReacherX founder (OP) · 4d ago
@erquhart ?
Hmza · 4d ago
What is your callback url?
erquhart · 4d ago
Can you enable debug logs in your client and Convex functions and share (redact if/as needed) - instructions here: https://labs.convex.dev/auth/debugging#enabling-verbose-logging
ReacherX founder (OP) · 3d ago
@erquhart Here are the logs (redacted) after enabling verbose logging.
erquhart · 3d ago
These logs look like you ran convex dev and then hit google log in, when did the refresh occur? Trying to understand where it says the user doesn't exist
ReacherX founder (OP) · 3d ago
Here's what I do:
- I click on Sign in with Google.
- A window opens where I have to select the account which I wanna use to sign in.
- I select and then I get redirected to the "/" route of my app.

In the video you can clearly see that indeed a user is created. The problem is that when I am redirected to the "/" route, I am not in an authenticated state. According to my understanding, the session doesn't remain. In the code you can see I have set the "cookie config", I thought maybe I haven't configured the "Cookie age" maybe that's the problem. But after configuring that also, the behavior still remains the same. The logs contain "No existing users found, creating new user" because at that point my users table was empty.

@erquhart In the GitHub issue the person who created the issue also faces the same experience, the session is not persistent. I think since Convex Auth is in beta, this is a bug/issue in the Convex Auth itself.

The troubling part is: While I am being redirected back to my "/" route, something happens that causes the session to end, that's why by the time I am at "/" route I am in an unauthenticated state. So errors are there, I have provided what kind of errors occur during that flow.
erquhart · 3d ago
Yeah I don’t doubt there’s a bug in Convex Auth here, just trying to reproduce. I haven’t seen google oauth fail this way.
ReacherX founder (OP) · 3d ago
@erquhart Since I am using Google IDX, I can give you access so you don't have to clone anything. You can inspect my code and see the logs also in the terminal. Let me know if you think that will be useful. Auth is a fundamental feature for my app that I am building. So it would be awesome if this can be figured out 🥲 I personally have tried searching but seems like this is an issue in Convex Auth itself.
erquhart · 3d ago
> The logs contain "No existing users found, creating new user" because at that point my users table was empty.
So when you first log in with Google, it works. Meaning the user is created. Then when you refresh the page, the users table is empty - when does it become empty? Or does the first login somehow work without a user ever being created?
ReacherX founder (OP) · 3d ago
No no, the users table doesn't get empty. I myself empty the table. So it's not like users table is getting cleared automatically. And it's also not about the 1st time and second time. No matter if I try it the 1st time or 2nd time, the behavior is the same. When I am redirected back to the "/" route, I am just not authenticated.
erquhart · 3d ago
Okay, so this issue here, it's not actually your issue, is that correct https://github.com/get-convex/convex-auth/issues/193
ReacherX founder (OP) · 3d ago
Yes
erquhart · 3d ago
That issue says google login works correctly, but then on refresh it fails.
You're saying it just never works
ReacherX founder (OP) · 3d ago
Yeah in my case also, the users table does contain new user entries. The problem is the session persistence.
erquhart · 3d ago
When you first log in with Google, does it work? Like, you're authenticated, user can do things in your app, etc.
Or does it not, meaning you're still at the sign in page and it doesn't actually authenticate the user
ReacherX founder (OP) · 3d ago
When I get redirected at "/" route, I am not in an authenticated state, but in the users table indeed there is a new user entry. It does authenticate the user, but somehow when the user goes to "/" route after the Google sign-in flow, he is not in an authenticated state.
erquhart · 3d ago
Any chance you're able to make a minimal repro?
ReacherX founder (OP) · 3d ago
So I hope it's clear that authentication is working. The user is being created, but the session is not persistent
erquhart · 3d ago
I understand the callout about session persistence, but there are three distinct and separate points of failure being described between your report and the other user in that issue, and I'm not able to repro any of it
erquhart · 3d ago
Like, this demo site uses Convex Auth with Google, and works: https://convex-v1.run/
Create v1
A free, open-source starter kit for your next project, built with insights from Midday.
ReacherX founder (OP) · 3d ago
I would say the best and the most efficient thing is going to be that I provide you access to my Google IDX workspace then you can freely see what's happening.
erquhart · 3d ago
You can log into it yourself.
So I need to determine what's different about your project that's triggering this bug (presumably in Convex Auth).
I'm not familiar with IDX, can I use it to run your app and repro myself? Similar to cloning a repo?
ReacherX founder (OP) · 3d ago
You don't have to do anything. It's like I handed my vscode with my laptop to you. You will have complete access to my code (all files front end/backend)
erquhart · 3d ago
that works 👍
ReacherX founder (OP) · 3d ago
No cloning required
erquhart · 3d ago
I mean, but can I run the code?
ReacherX founder (OP) · 3d ago
Yes you can
erquhart · 3d ago
cool feel free to dm
ReacherX founder (OP) · 3d ago
Whatever you will do, I will see it real time
erquhart · 3d ago
or email
ReacherX founder (OP) · 3d ago
Whatever code you change or run. It's not like I can see your web cam etc 😅
erquhart · 3d ago
yeah figured lol