From e861effbad311c86f7a068c1cddbcf3e8cfdb6bd Mon Sep 17 00:00:00 2001 From: Laura Beatris <48022589+LauraBeatris@users.noreply.github.com> Date: Tue, 5 Aug 2025 13:49:21 -0300 Subject: [PATCH 1/2] Resolve auth object with options from handler --- packages/nextjs/src/server/clerkMiddleware.ts | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/packages/nextjs/src/server/clerkMiddleware.ts b/packages/nextjs/src/server/clerkMiddleware.ts index a06ec29b309..5aee42276c8 100644 --- a/packages/nextjs/src/server/clerkMiddleware.ts +++ b/packages/nextjs/src/server/clerkMiddleware.ts @@ -1,11 +1,13 @@ import type { AuthObject, ClerkClient } from '@clerk/backend'; import type { + AuthenticatedState, AuthenticateRequestOptions, ClerkRequest, RedirectFun, RequestState, SignedInAuthObject, SignedOutAuthObject, + UnauthenticatedState, } from '@clerk/backend/internal'; import { AuthStatus, @@ -214,7 +216,7 @@ export const clerkMiddleware = ((...args: unknown[]): NextMiddleware | NextMiddl const redirectToSignUp = createMiddlewareRedirectToSignUp(clerkRequest); const protect = await createMiddlewareProtect(clerkRequest, authObject, redirectToSignIn); - const authHandler = createMiddlewareAuthHandler(authObject, redirectToSignIn, redirectToSignUp); + const authHandler = createMiddlewareAuthHandler(requestState, redirectToSignIn, redirectToSignUp); authHandler.protect = protect; let handlerResult: Response = NextResponse.next(); @@ -427,14 +429,18 @@ const createMiddlewareProtect = ( * - For machine tokens: validates token type and returns appropriate auth object */ const createMiddlewareAuthHandler = ( - rawAuthObject: AuthObject, + requestState: AuthenticatedState<'session_token'> | UnauthenticatedState<'session_token'>, redirectToSignIn: RedirectFun, redirectToSignUp: RedirectFun, ): ClerkMiddlewareAuth => { const authHandler = async (options?: GetAuthOptions) => { + const rawAuthObject = requestState.toAuth({ treatPendingAsSignedOut: options?.treatPendingAsSignedOut }); const acceptsToken = options?.acceptsToken ?? TokenType.SessionToken; - const authObject = getAuthObjectForAcceptedToken({ authObject: rawAuthObject, acceptsToken }); + const authObject = getAuthObjectForAcceptedToken({ + authObject: rawAuthObject, + acceptsToken, + }); if (authObject.tokenType === TokenType.SessionToken && isTokenTypeAccepted(TokenType.SessionToken, acceptsToken)) { return Object.assign(authObject, { From 1a8024af6f1c7334411153d1a0e487cdb5f16f5c Mon Sep 17 00:00:00 2001 From: Laura Beatris <48022589+LauraBeatris@users.noreply.github.com> Date: Tue, 5 Aug 2025 13:58:01 -0300 Subject: [PATCH 2/2] Add changeset --- .changeset/tricky-planets-cry.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .changeset/tricky-planets-cry.md diff --git a/.changeset/tricky-planets-cry.md b/.changeset/tricky-planets-cry.md new file mode 100644 index 00000000000..de881622ab2 --- /dev/null +++ b/.changeset/tricky-planets-cry.md @@ -0,0 +1,19 @@ +--- +'@clerk/nextjs': patch +--- + +Propagate `treatPendingAsSignedOut` to `auth` from `clerkMiddleware` + +```ts +export default clerkMiddleware(async (auth, req) => { + // If the session has a `pending` status, `userId` will be `null` by default, treated as a signed-out state + const { userId } = await auth() +}) +``` + +```ts +export default clerkMiddleware(async (auth, req) => { + // If the session has a `pending` status, `userId` will be defined, treated as a signed-in state + const { userId } = await auth({ treatPendingAsSignedOut: false }) +}) +```