Fix next js compilation issue when auth0 configs are not found in env

apps/rowboat/app/lib/auth0.ts

@@ -1,21 +1,40 @@
 // lib/auth0.js
 
+import { NextResponse } from "next/server";
 import { Auth0Client } from "@auth0/nextjs-auth0/server";
+import { USE_AUTH } from "../lib/feature_flags";
 
-// Initialize the Auth0 client 
-export const auth0 = new Auth0Client({
-  // Options are loaded from environment variables by default
-  // Ensure necessary environment variables are properly set
-  domain: process.env.AUTH0_ISSUER_BASE_URL,
-  clientId: process.env.AUTH0_CLIENT_ID,
-  clientSecret: process.env.AUTH0_CLIENT_SECRET,
-  appBaseUrl: process.env.AUTH0_BASE_URL,
-  secret: process.env.AUTH0_SECRET,
+// Treat config as present only when all required pieces exist
+const auth0Domain = process.env.AUTH0_DOMAIN || process.env.AUTH0_ISSUER_BASE_URL;
+const auth0ClientId = process.env.AUTH0_CLIENT_ID;
+const auth0ClientSecret = process.env.AUTH0_CLIENT_SECRET || process.env.AUTH0_CLIENT_ASSERTION_SIGNING_KEY;
+const auth0BaseUrl = process.env.AUTH0_BASE_URL;
+const auth0Secret = process.env.AUTH0_SECRET;
 
-  authorizationParameters: {
-    // In v4, the AUTH0_SCOPE and AUTH0_AUDIENCE environment variables for API authorized applications are no longer automatically picked up by the SDK.
-    // Instead, we need to provide the values explicitly.
-    scope: process.env.AUTH0_SCOPE,
-    audience: process.env.AUTH0_AUDIENCE,
-  }
-});
+const isAuthConfigured = Boolean(
+  auth0Domain && auth0ClientId && auth0BaseUrl && auth0Secret && auth0ClientSecret
+);
+
+// When auth is disabled or misconfigured, export a safe no-op shim so imports won't crash
+const createAuth0Shim = () => ({
+  async getSession(_req?: unknown) {
+    return null;
+  },
+  async middleware(_req?: unknown) {
+    return NextResponse.next();
+  },
+});
+
+export const auth0 = USE_AUTH && isAuthConfigured
+  ? new Auth0Client({
+      domain: auth0Domain,
+      clientId: auth0ClientId,
+      clientSecret: process.env.AUTH0_CLIENT_SECRET,
+      appBaseUrl: auth0BaseUrl,
+      secret: auth0Secret,
+      authorizationParameters: {
+        scope: process.env.AUTH0_SCOPE,
+        audience: process.env.AUTH0_AUDIENCE,
+      }
+    })
+  : createAuth0Shim();

apps/rowboat/middleware.ts

@@ -1,5 +1,6 @@
 import { NextFetchEvent, NextRequest, NextResponse } from "next/server";
 import { auth0 } from "./app/lib/auth0";
+import { USE_AUTH } from "./app/lib/feature_flags";
 
 const corsOptions = {
   'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS',
@@ -17,9 +18,13 @@ async function authCheck(request: NextRequest) {
 }
 
 export async function middleware(request: NextRequest, event: NextFetchEvent) {
-  // Check if the request path starts with /api/auth/
+  // Check if the request path starts with /auth
   if (request.nextUrl.pathname.startsWith('/auth')) {
-    return await auth0.middleware(request);
+    // Only delegate to Auth0 when auth is enabled; otherwise allow through
+    if (USE_AUTH) {
+      return await auth0.middleware(request);
+    }
+    return NextResponse.next();
   }
 
   // Check if the request path starts with /api/
@@ -49,8 +54,7 @@ export async function middleware(request: NextRequest, event: NextFetchEvent) {
   if (request.nextUrl.pathname.startsWith('/projects') ||
     request.nextUrl.pathname.startsWith('/billing') ||
     request.nextUrl.pathname.startsWith('/onboarding')) {
-    // Skip auth check if USE_AUTH is not enabled
-    if (process.env.USE_AUTH === 'true') {
+    if (USE_AUTH) {
       return await authCheck(request);
     }
   }