When running the usesend/usesend:latest Docker image locally for development, GitHub OAuth authentication fails with a "State cookie was missing" error. This prevents users from logging in or creating accounts when running UseSend in a local Docker environment.
- Set up UseSend using Docker Compose with the following configuration:
services:
usesend_db:
image: postgres:16
restart: always
environment:
- POSTGRES_USER=usesend
- POSTGRES_PASSWORD=usesend
- POSTGRES_DB=usesend
healthcheck:
test: ['CMD-SHELL', 'pg_isready -U usesend']
interval: 10s
timeout: 5s
retries: 5
volumes:
- usesend-db-data:/var/lib/postgresql/data
usesend_redis:
image: redis:7
restart: always
volumes:
- usesend-cache:/data
command: ['redis-server', '--maxmemory-policy', 'noeviction']
usesend_storage:
image: minio/minio:latest
ports:
- '9002:9002'
- '9003:9001'
volumes:
- usesend-storage:/data
environment:
MINIO_ROOT_USER: usesend
MINIO_ROOT_PASSWORD: password
entrypoint: sh
command: -c 'mkdir -p /data/usesend && minio server /data --console-address ":9001" --address ":9002"'
usesend:
image: usesend/usesend:latest
restart: always
ports:
- '3001:3000'
extra_hosts:
- 'host.docker.internal:host-gateway'
environment:
- PORT=3000
- DATABASE_URL=postgres://usesend:usesend@usesend_db:5432/usesend
- NEXTAUTH_URL=http://localhost:3001
- NEXTAUTH_SECRET=<valid-64-char-secret>
- GITHUB_ID=<valid-github-oauth-id>
- GITHUB_SECRET=<valid-github-oauth-secret>
- REDIS_URL=redis://usesend_redis:6379
- NEXT_PUBLIC_IS_CLOUD=false
- API_RATE_LIMIT=1
depends_on:
usesend_db:
condition: service_healthy
usesend_redis:
condition: service_started
volumes:
usesend-db-data:
usesend-cache:
usesend-storage:-
Configure GitHub OAuth app with callback URL:
http://localhost:3001/api/auth/callback/github -
Start the services:
docker compose up -d -
Navigate to
http://localhost:3001 -
The option to login with github is missing, there is just an empty box.
User should be redirected to GitHub for authentication and then back to UseSend, completing the login flow.
After GitHub authorization, the user is redirected back to UseSend but the login fails with an error. The URL shows:
http://localhost:3001/login?callbackUrl=http%3A%2F%2Flocalhost%3A3001&error=OAuthCallback
The container logs show:
[next-auth][error][OAUTH_CALLBACK_ERROR]
https://next-auth.js.org/errors#oauth_callback_error State cookie was missing. {
error: Error [OAuthCallbackError]: State cookie was missing.
at Object.use (.next/server/chunks/2810.js:18:99600)
...
providerId: 'github',
message: 'State cookie was missing.'
}
- Docker Desktop (macOS)
- UseSend Docker image:
usesend/usesend:latest - NextAuth version: (bundled in image)
The following environment variables were tried without success:
AUTH_TRUST_HOST=trueAUTH_URL=http://localhost:3001/api/authNODE_ENV=development- Various
NEXTAUTH_URLconfigurations includinghost.docker.internal
This appears to be a known issue with NextAuth.js when running in Docker containers for local development. The state cookie is set when initiating the OAuth flow but is not available when the callback returns. This is likely due to:
- Cookie
SameSitesettings in the pre-built Docker image that are configured for production (HTTPS) - The
NEXTAUTH_URLmismatch between the container's internal network and the host'slocalhost - Server-side rendering attempting to fetch from
localhostwhich resolves differently inside the container
Related NextAuth issues:
The UseSend login page renders correctly and the /api/auth/providers endpoint returns the GitHub provider configuration. The issue is specifically with the OAuth callback flow and cookie handling.