How to access errors thrown within authorize callback in v5

[AhmedBaset]

In v4 we used to throw errors in the credentials.authorize callback and access it with res.error

const {auth} = NextAuth({
   providers: [
    Credentials({
      authorize(cred) {
        if (!cred.password) throw new Error("Password is missing")
      }
    })
  ]
})

// login-form.tsx
const res = await signIn("credentials", {
  redirect: false,
  email: user.email,
  password: "",
} satisfies SignInOptions & Record<CredentialsKeys, unknown>);

if (res?.error) {
  toast.error(res.error, { id: toastId });
}

This code was working as expected in v4. But after upgrading to v5 the res.error = "p"

start: [auth][warn][debug-enabled] Read more: https://warnings.authjs.dev#debug-enabled
start: [auth][debug]: callback route error details {
start:   "method": "POST",
start:   "query": {},
start:   "body": {
start: [auth][error][p]: Read more at https://errors.authjs.dev#p
start:     "email": "test@gmail.com",
start:     "password": "",
start: [auth][cause]: Error: Password is missing
start:     at Object.authorize (A:\projects\46-fleetx\.next\server\app\(auth)\api\auth\[...nextauth]\route.js:351:47717)
start:     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
start:     at async nG (A:\projects\46-fleetx\.next\server\app\(auth)\api\auth\[...nextauth]\route.js:351:30378)
start:     at async n4 (A:\projects\46-fleetx\.next\server\app\(auth)\api\auth\[...nextauth]\route.js:351:38580)
start:     "redirect": "false",
start:     "csrfToken": "8e8b83ee88c48260b6cf485668c7c9c8e98cd2e4af7bc9e387c9a8e6507a7240",
start:     "callbackUrl": "http://localhost:3000/login"
start:   }
start: }
start:     at async n3 (A:\projects\46-fleetx\.next\server\app\(auth)\api\auth\[...nextauth]\route.js:351:41817)
start:     at async A:\projects\46-fleetx\.next\server\app\(auth)\api\auth\[...nextauth]\route.js:11:73595
start: [auth][details]: {
start:   "provider": "credentials"
start: }

[AhmedBaset]

Just found in the docs

// You can also Reject this callback with an Error thus the user will be sent to the error page with the error message as a query parameter

[AhmedBaset]

In the new v5 code

/**
* For a [Credentials provider](https://authjs.dev/reference/core/providers/credentials), possible causes are:
 * - The `authorize` method threw an uncaught error:
 *   Check the provider's `authorize` method.
 * - The `signIn` or `jwt` callback methods threw an uncaught error:
 *   Check the callback method implementations.
 */

So, How to access the message from authorize?

[evilive3000]

@A7med3bdulBaset
I've gone through the source code and it seems that there's no way to create custom errors. All that can be done is to throw one of these.

type ErrorType =
  | "AdapterError"
  | "AuthorizedCallbackError"
  | "CallbackRouteError"
  | "ErrorPageLoop"
  | "EventError"
  | "InvalidCallbackUrl"
  | "CredentialsSignin"
  | "InvalidEndpoints"
  | "InvalidCheck"
  | "JWTSessionError"
  | "MissingAdapter"
  | "MissingAdapterMethods"
  | "MissingAuthorize"
  | "MissingSecret"
  | "OAuthAccountNotLinked"
  | "OAuthCallbackError"
  | "OAuthProfileParseError"
  | "SessionTokenError"
  | "OAuthSignInError"
  | "EmailSignInError"
  | "SignOutError"
  | "UnknownAction"
  | "UnsupportedStrategy"
  | "InvalidProvider"
  | "UntrustedHost"
  | "Verification"
  | "MissingCSRF"

[AhmedBaset]

I ended up patching the package by creating a custom FeedbackError and try/catch it.

[Dearian27]

Please, show the example of code how You did it

[AhmedBaset]

It's now officially supported. see #9871

[Greek]

I opened a PR for this. See #9801

[balazsorban44]

Please see my proposal for a fix: #9099 (comment) Leave your feedback there!