You can customize the authorized callback for a conditional check. On my side, I want to use an environment variable to skip logins if in development. I found this post after getting the same error you got.

See https://next-auth.js.org/configuration/nextjs#callbacks for more info.

In your case, you can do something like:

import {
  withAuth
} from "next-auth/middleware";

export default withAuth({
  callbacks: {
    authorized: ({
      token
    }) => !!token && process.env.NEXT_PUBLIC_AUTH_USERS === "true"
  },
}, );

export const config = {
  matcher: ["/folder/(.*)"]
}

Token will be set if user is logged in, otherwise will be null.