When the auth/identity handler is invoked with an invalid token, it'll throw an error when trying to fetch the current user. This sends the application in an infinite loop trying to get the identity.
This happened when the access token cookie had been set by another EdgeDB instance running on the same host (localhost:3000). But it would also occur with sessions of the same EdgeDb instance if the auth_signing_key was changed, since that would also cause a JWT signature mismatch.
In order to deal with this gracefully, we need to catch the error when trying to fetch the current user and delete the token cookie.
I'm currently preparing a fix and will submit a PR.
When the
auth/identity
handler is invoked with an invalid token, it'll throw an error when trying to fetch the current user. This sends the application in an infinite loop trying to get the identity.https://github.com/Tahul/nuxt-edgedb/blob/37ac5c41833465f3ee9adfcf5ebec6bc20ed237d/src/runtime/api/auth/identity.ts#L14
This happened when the access token cookie had been set by another EdgeDB instance running on the same host (localhost:3000). But it would also occur with sessions of the same EdgeDb instance if the
auth_signing_key
was changed, since that would also cause a JWT signature mismatch.In order to deal with this gracefully, we need to catch the error when trying to fetch the current user and delete the token cookie.
I'm currently preparing a fix and will submit a PR.