manchenkoff / nuxt-auth-sanctum

Nuxt module for Laravel Sanctum authentication
https://manchenkoff.gitbook.io/nuxt-auth-sanctum/
MIT License
171 stars 21 forks

[Feature] Token based authentication support #33

Closed j-jalving closed 5 months ago

j-jalving commented 9 months ago

I love the simplicity of this plugin and would love to use it for my Capacitor/Ionic projects. But unfortunately session cookies are not supported in iOS apps. It would be awesome if the plugin would also have support for token-based authentication as well.

manchenkoff commented 9 months ago

Hey @j-jalving, I agree, but the main idea of this module was to provide an easy way to set up cookie-based authentication for SPA apps. If you need token-based solutions, you can give sidebase-auth or authjs a try.

I don't have enough time to implement token authentication right now, but feel free to contribute and open a PR!

j-jalving commented 9 months ago

Makes total sense!

jjjrmy commented 8 months ago

@j-jalving I was able to solve this on another Capacitor/Vue/Inertia/Laravel project using Axios, but I think you can probably do something very similar manually with oFetch as well or even make a PR to support this within this package.

From what I remember, I had to pass the CSRF token back (from a Middleware) in the response headers if the request came from the mobile app, since as you said we do not get access to the session cookies within the app.

I think I also had to make some changes to allow the requests coming from the app, since technically they are not on the same domain. I did this with another Middleware that changes the referrer/origin of the request if it matches what we'd expect the App's namespace to be.

Probably at some point I will run into this issue myself and will make a PR for that case on this project. Basically just have the option to use the Cookies or the Headers for retrieving those values. But like I said, it requires a middleware on the Laravel side as well.
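
The comment above describes an option to read the CSRF token from either the cookie or a response header. As an added example (not part of the thread or of the module's code), here is a client wrapper that supports both sources and refuses to send a state-changing request without a token; the response header name, `createCsrfClient` and `fakeBackend` are assumptions made for illustration.

```javascript
// Added example. Names marked "assumed" are not from the thread or the module.
const COOKIE_NAME = 'XSRF-TOKEN';       // cookie Laravel sets with the CSRF token
const REQUEST_HEADER = 'X-XSRF-TOKEN';  // header Laravel accepts the token in
const RESPONSE_HEADER = 'X-XSRF-TOKEN'; // assumed: header a custom middleware echoes it in
const UNSAFE = new Set(['POST', 'PUT', 'PATCH', 'DELETE']);

// Pull the URL-encoded token out of a "name=value; name=value" cookie string.
function tokenFromCookie(cookieString) {
  for (const part of (cookieString || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq !== -1 && part.slice(0, eq).trim() === COOKIE_NAME) {
      return decodeURIComponent(part.slice(eq + 1).trim());
    }
  }
  return null;
}

// source: 'cookie' (browser SPA) or 'header' (native shell without cookie access).
function createCsrfClient(fetchImpl, { source, readCookies = () => '' }) {
  let headerToken = null; // last token seen in a response header
  return async function request(url, init = {}) {
    const method = (init.method || 'GET').toUpperCase();
    const headers = { ...(init.headers || {}) };
    if (UNSAFE.has(method)) {
      const token = source === 'header' ? headerToken : tokenFromCookie(readCookies());
      // Fail closed: never send a state-changing request without a token.
      if (!token) throw new Error(`no CSRF token for ${method} ${url}`);
      headers[REQUEST_HEADER] = token;
    }
    const response = await fetchImpl(url, { ...init, method, headers });
    const echoed = response.headers.get(RESPONSE_HEADER);
    if (source === 'header' && echoed) headerToken = echoed;
    return response;
  };
}

// Constructed stand-in for the backend: rejects unsafe requests whose header
// does not match, and echoes the token on every response.
function fakeBackend(token) {
  return async (url, init) => {
    const ok = !UNSAFE.has(init.method) || init.headers[REQUEST_HEADER] === token;
    return { status: ok ? 200 : 419, headers: new Map([[RESPONSE_HEADER, token]]) };
  };
}
```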

jjjrmy commented 8 months ago

I'm looking into these solutions:
https://stackoverflow.com/questions/72045698/capacitor-ios-using-cookie-based-auth
https://forum.ionicframework.com/t/how-to-save-a-session-cookie-with-capacitor-http-plugin/205900

If that doesn't work then we will need to go the route of using Token Based Auth. In that case we'd need to have Auth endpoints for mobile and switch between Auth types depending on platform.

jjjrmy commented 8 months ago

Give this a whirl: https://github.com/manchenkoff/nuxt-auth-sanctum/pull/43