JWT_SESSION_ERROR #3691
Replies: 2 comments
-
Hy, if you want to make a selfhosted envoirement feel free to contact me. I can help you to set it up in about 1 h.
brgds |
Beta Was this translation helpful? Give feedback.
-
The
By addressing these areas, you should be able to resolve the decryption error. If the issue persists, consider reviewing the full stack trace and logs for any additional clues. To continue talking to Dosu, mention @dosu. Written by @dosu, approved by dosu-customer-success |
Beta Was this translation helpful? Give feedback.
-
It doesnt end....
Do you have any ideas? Already trying to get it running for 3 days and every time a new problem pops up...
Node Version: v16.16.0
message: 'decryption operation failed', stack: 'JWEDecryptionFailed: decryption operation failed\n' + ' at gcmDecrypt (/opt/cal.com/node_modules/jose/dist/node/cjs/runtime/decrypt.js:67:15)\n' + ' at decrypt (/opt/cal.com/node_modules/jose/dist/node/cjs/runtime/decrypt.js:92:20)\n' + ' at flattenedDecrypt (/opt/cal.com/node_modules/jose/dist/node/cjs/jwe/flattened/decrypt.js:119:52)\n' + ' at async compactDecrypt (/opt/cal.com/node_modules/jose/dist/node/cjs/jwe/compact/decrypt.js:18:23)\n' + ' at async jwtDecrypt (/opt/cal.com/node_modules/jose/dist/node/cjs/jwt/decrypt.js:8:23)\n' + ' at async Object.decode (/opt/cal.com/node_modules/next-auth/jwt/index.js:64:7)\n' + ' at async Object.session (/opt/cal.com/node_modules/next-auth/core/routes/session.js:41:28)\n' + ' at async NextAuthHandler (/opt/cal.com/node_modules/next-auth/core/index.js:135:27)\n' + ' at async NextAuthNextHandler (/opt/cal.com/node_modules/next-auth/next/index.js:23:19)\n' + ' at async /opt/cal.com/node_modules/next-auth/next/index.js:59:32\n' + ' at async Object.apiResolver (/opt/cal.com/node_modules/next/dist/server/api-utils/node.js:179:9)\n' + ' at async NextNodeServer.runApi (/opt/cal.com/node_modules/next/dist/server/next-server.js:381:9)\n' + ' at async Object.fn (/opt/cal.com/node_modules/next/dist/server/base-server.js:497:37)\n' + ' at async Router.execute (/opt/cal.com/node_modules/next/dist/server/router.js:213:36)\n' + ' at async NextNodeServer.run (/opt/cal.com/node_modules/next/dist/server/base-server.js:630:29)\n' + ' at async NextNodeServer.handleRequest (/opt/cal.com/node_modules/next/dist/server/base-server.js:317:20)', name: 'JWEDecryptionFailed' }
My conf:
`
********** INDEX **********
- LICENSE
- DATABASE
- SHARED
- NEXTAUTH
- E-MAIL SETTINGS
- LICENSE *************************************************************************************************
Set this value to 'agree' to accept our license:
LICENSE: https://github.com/calendso/calendso/blob/main/LICENSE
Summary of terms:
- The codebase has to stay open source, whether it was modified or not
- You can not repackage or sell the codebase
- Acquire a commercial license to remove these terms by visiting: cal.com/sales
NEXT_PUBLIC_LICENSE_CONSENT='agree'
To enable enterprise-only features, fill your license key in here.
@see https://console.cal.com
CALCOM_LICENSE_KEY=
***********************************************************************************************************
- DATABASE ************************************************************************************************
packages/prisma/.env.example
***********************************************************************************************************
BASE_URL='https://DOMAIN.com'
- SHARED **************************************************************************************************
NEXT_PUBLIC_APP_URL='https://DOMAIN.com'
NEXT_PUBLIC_WEBAPP_URL='https://DOMAIN.com'
Change to 'http://localhost:3001' if running the website simultaneously
#NEXT_PUBLIC_WEBSITE_URL='http://localhost:3000'
#NEXT_PUBLIC_CONSOLE_URL='http://localhost:3004'
#NEXT_PUBLIC_EMBED_LIB_URL='http://localhost:3000/embed/embed.js'
DATABASE_URL="postgresql://admin:admin@localhost:5432/caldb"
To enable SAML login, set both these variables
@see https://github.com/calcom/cal.com/tree/main/packages/ee#setting-up-saml-login
SAML_DATABASE_URL="postgresql://postgres:@localhost:5450/cal-saml"
SAML_DATABASE_URL=
SAML_ADMINS='[email protected]'
SAML_ADMINS=
If you use Heroku to deploy Postgres (or use self-signed certs for Postgres) then uncomment the follow line.
@see https://devcenter.heroku.com/articles/connecting-heroku-postgres#connecting-in-node-js
PGSSLMODE='no-verify'
PGSSLMODE=
- NEXTAUTH
@see: https://github.com/calendso/calendso/issues/263
@see: https://next-auth.js.org/configuration/options#nextauth_url
Required for Vercel hosting - set NEXTAUTH_URL to equal your NEXT_PUBLIC_WEBAPP_URL
NEXTAUTH_URL='http://localhost:3000'
NEXTAUTH_URL='https://DOMAIN.com'
@see: https://next-auth.js.org/configuration/options#nextauth_secret
You can use:
openssl rand -base64 32
to generate oneNEXTAUTH_SECRET=Mdm0c3Dzs9u7HZk7SwM7SspBBa2Cwm5UQrBX3o5KOhM=
Used for cross-domain cookie authentication
NEXTAUTH_COOKIE_DOMAIN=.example.com
Set this to '1' if you don't want Cal to collect anonymous usage
CALCOM_TELEMETRY_DISABLED=
ApiKey for cronjobs
CRON_API_KEY='0cc0e6c35519bba620c9360cfe3e68d0'
Application Key for symmetric encryption and decryption
must be 32 bytes for AES256 encryption algorithm
You can use:
openssl rand -base64 24
to generate oneCALENDSO_ENCRYPTION_KEY=H3Kxq1igYjrDSInLfSiF2h3tCgPSLKOS
Intercom Config
NEXT_PUBLIC_INTERCOM_APP_ID=
Zendesk Config
NEXT_PUBLIC_ZENDESK_KEY=
Help Scout Config
NEXT_PUBLIC_HELPSCOUT_KEY=
Inbox to send user feedback
SEND_FEEDBACK_EMAIL=
Sengrid
Used for email reminders in workflows
SENDGRID_API_KEY=
SENDGRID_EMAIL=
Twilio
Used to send SMS reminders in workflows
TWILIO_SID=
TWILIO_TOKEN=
TWILIO_MESSAGING_SID=
This is used so we can bypass emails in auth flows for E2E testing
Set it to "1" if you need to run E2E tests locally
NEXT_PUBLIC_IS_E2E=
Used for internal billing system
NEXT_PUBLIC_STRIPE_PRO_PLAN_PRICE=
NEXT_PUBLIC_STRIPE_PREMIUM_PLAN_PRICE=
NEXT_PUBLIC_STRIPE_FREE_PLAN_PRICE=
STRIPE_WEBHOOK_SECRET=
STRIPE_PRO_PLAN_PRODUCT_ID=
STRIPE_PREMIUM_PLAN_PRODUCT_ID=
STRIPE_FREE_PLAN_PRODUCT_ID=
Use for internal Public API Keys and optional
API_KEY_PREFIX=cal_
***********************************************************************************************************
- E-MAIL SETTINGS *****************************************************************************************
Cal uses nodemailer (@see https://nodemailer.com/about/) to provide email sending. As such we are trying to
allow access to the nodemailer transports from the .env file. E-mail templates are accessible within lib/emails/
Configures the global From: header whilst sending emails.
EMAIL_FROM='[email protected]'
Configure SMTP settings (@see https://nodemailer.com/smtp/).
Note: The below configuration for Office 365 has been verified to work.
EMAIL_SERVER_HOST='smtp.office365.com'
EMAIL_SERVER_PORT=587
EMAIL_SERVER_USER='<office365_emailAddress>'
Keep in mind that if you have 2FA enabled, you will need to provision an App Password.
EMAIL_SERVER_PASSWORD='<office365_password>'
The following configuration for Gmail has been verified to work.
EMAIL_SERVER_HOST='smtp.gmail.com'
EMAIL_SERVER_PORT=465
EMAIL_SERVER_USER='<gmail_emailAddress>'
You will need to provision an App Password.
@see https://support.google.com/accounts/answer/185833
EMAIL_SERVER_PASSWORD='<gmail_app_password>'
**********************************************************************************************************
Set the following value to true if you wish to enable Team Impersonation
NEXT_PUBLIC_TEAM_IMPERSONATION=false
`
Beta Was this translation helpful? Give feedback.
All reactions