`ERROR: Login Required` after logging in (issue did not exist last week)

[titusdecali]

Describe the problem

Last week you guys helped me solve migration to the new 2.0.0 version and I could login / logout without issue. This week, (without any changes to the frontend) I'm getting a strange reload loop with a console error ERROR: Login Required after logging in. I've tried reverting to the previous version of auth0-vue and the issue does not seem to exist there. I also tried updating to the new 2.0.1 version and no change.

This is occuring in localhost, and when my team wakes up I'll have them test it on our live dev site.

I'm also not aware of any changes by our team to the Auth0 configuration, however I have also put in a request for the team to double check that nothing has shifted. Just in case, I also wanted to post here as this issue is greatly impeding my work.

In Chrome:

As you can see, it's not returning a token, and in Safari we get a bit more information: (Ignore the 403, that's something else)

In Safari:

The even stranger thing, is that after a while, sometimes it kicks out a token and works, letting me load the site as in the case below which occurred after it reloaded itself about 50 times in Safari:

As you can see, this is very hard to troubleshoot, and again, last week it was working flawlessly.

Have there been any changes to Auth0's server environment that could have caused this? If not, a review of our Auth0 config for quid.li would be greatly appreciated to let us know what has gone wrong here.

Just in case, I've also tried deleting the node_modules folder and reinstalled everything, again no change seen.

Environment

"@auth0/auth0-vue": "^2.0.0 / ^2.0.1" "vue": "^3.2.13" (Options API) Chrome, Firefox, Safari

[frederikprijck]

Hey,

Login required is an expected error, and should be handled accordingly by calling loginWithRedirect when it occurs, as what it means is:

• we want to try and get a new token, but we don't have a refresh token, so we contact auth0 and rely on an existing session with Auth0. If there is no session, u get loggin required (or if third party cookies are blocked)

If 3rd party cookies are being blocked, we encourage using custom domains. For local dev, you might still need to rely loginWithRedirect tho.

We haven't made any change, so if u say it worked fine last week, some other factor must be causing this.

Can you reproduce this in our sample application?

Also providing an HAR file as well as your config for our SDK can help troubleshooting.

Are your browsers, apart from safari (i know they block it) blocking third party cookies?

Thanks

[titusdecali]

I'm using auth guards import { authGuard } from '@auth0/auth0-vue' to redirect the user when the login failed. Is it also necessary to handle this error and use LoginWithRedirect as well? (it wasn't in the previous version, but I'll be happy to implement if still required)

RE: Cookie blockers: I have a checker that alerts users that their adblockers (or Brave) and other third-party-cookie blockers cannot be used on our site when they are active, so I don't believe that to be the issue.

I'll generate a HAR file and post it soon

[frederikprijck]

it wasn't in the previous version, but I'll be happy to implement if still required

Nothing has changed in V2 about this. Can you please try our sample app as well? As it would be the easiest, the HAR file might help, but cant guarantee as this "error" can be expected and perfectly valid in some cases.

Regarding cookie blockers... Safari blocks it by default, so does Firefox depending on your browser settings. Not sure about the current state of chrome.

Thanks.

[titusdecali]

Turns out that the browser I was using (Sidekick, which is Chromium) added third-party cookie blocking over the weekend. Thanks for pointing me in the right direction.

Closing