search

nuxt-alt / auth

An alternative module to @nuxtjs/auth
https://nuxt-alt-auth.vercel.app/
MIT License
94 stars 20 forks source link

Issue with default local auth #101

Closed daktas closed 5 months ago

daktas commented 5 months ago

Hello I've issue on my nuxt-alt/auth installation. Everything was working fine with 3.1.0 update. My call were reaching my backend with laravelJWT strategie.

But from last updates (after 3.1.0) it's going on wrong url with "/_auth/local/laravelJWT/authorize" and not my endpoint. I didn't get what is the config to disable this setting. Anyone can help or give some documentation?

daktas commented 5 months ago

my nuxt on starting create nitro-route is with: "/_auth/local/laravelJWT/authorize" and refering to "local-laravelJWT.ts" file

I want to use my previous setting set in nuxt.config.ts in auth:{} config

here is my auth config:

auth: {
    strategies: {
      laravelJWT: {
        provider: 'laravel/jwt',
        url: '/api',
        user: {
          autoFetch: false,
        },
        endpoints: {
          login: { url: '/v1/auth/login/', method: 'post' },
          logout: { url: '/v1/auth/logout/', method: 'post' },
          user: false,
          refresh: { url: '/v1/auth/refreshToken/', method: 'post' },
        },
        token: {
          property: 'data.access_token',
          maxAge: 60 * 60 * 24, // 24 hour
        },
        refreshToken: {
          maxAge: 60 * 60 * 24 * 7, // 7 days
        },
      },
      adminLaravelJWT: {
        provider: 'laravel/jwt',
        url: '/api',
        user: {
          autoFetch: false,
        },
        endpoints: {
          login: { url: '/v1/admin/login-as-user/', method: 'post' },
          logout: { url: '/v1/auth/logout/', method: 'post' },
          user: false,
          refresh: { url: '/v1/auth/refreshToken/', method: 'post' },
        },
        token: {
          property: 'data.access_token',
          maxAge: 60 * 60 * 24, // 24 hour
        },
        refreshToken: {
          maxAge: 60 * 60 * 24 * 7, // 7 days
        },
      },
    },
  },
Denoder commented 5 months ago

The most recent change I did regarding the local scheme is requiring that the url property having a tld (e.g: https://example.com). It worked without that need on a node server, but I can't hook onto the server in production to get the host/port for nitro when using other nitro presets (a seemingly common thing in nuxt 3 that hasn't been addressed since)

daktas commented 5 months ago

My issue seems coming from addLocalAuthorize function It work on @nuxt-alt/auth 3.1.0 and not on updates after

I've seen your code in laravel-jwt.mjs

if (strategy.ssr) {
    addLocalAuthorize(nuxt, strategy);
  }

I've try to add ssr: false in my config but still not work here is my config

auth: {
    strategies: {
      laravelJWT: {
        ssr: false,
        provider: 'laravel/jwt',
        scheme: 'laravelJWT',
        url: '/api',
        user: {
          autoFetch: false,
        },
        endpoints: {
          login: { url: '/v1/auth/login/', method: 'post' },
          logout: { url: '/v1/auth/logout/', method: 'post' },
          user: false,
          refresh: { url: '/v1/auth/refreshToken/', method: 'post' },
        },
        token: {
          property: 'data.access_token',
          maxAge: 60 * 60 * 24, // 24 hour
        },
        refreshToken: {
         maxAge: 60 * 60 * 24 * 7, // 7 days
        },
      },
      adminLaravelJWT: {
        ssr: false,
        provider: 'laravel/jwt',
        scheme: 'laravelJWT',
        url: '/api',
        user: {
          autoFetch: false,
        },
        endpoints: {
          login: { url: '/v1/admin/login-as-user/', method: 'post' },
          logout: { url: '/v1/auth/logout/', method: 'post' },
          user: false,
          refresh: { url: '/v1/auth/refreshToken/', method: 'post' },
        },
        token: {
          property: 'data.access_token',
          maxAge: 60 * 60 * 24, // 24 hour
        },
        refreshToken: {
          maxAge: 60 * 60 * 24 * 7, // 7 days
        },
      },
    },
  },

on Login I don't want to reach /_auth/local/laravelJWT/authorize

but I have to reach /api/v1/auth/login/

Denoder commented 5 months ago

The ssr property is only there as a means to verify if the nuxt application is in ssr mode or not.

/_auth/local/laravelJWT/authorize uses nitro to access /api/v1/auth/login/

but an oversight on my part is the fact that I forgot to put laravelJWT in the list of schemes that extends the local scheme.

Can you try @nuxt-alt/auth@3.1.5-beta.0

daktas commented 5 months ago

I've try @nuxt-alt/auth@3.1.5-beta.0 but same result but you're right, it seems calling "/api/v1/auth/login/" I have this response

{
    "url": "/_auth/local/laravelJWT/authorize",
    "statusCode": 404,
    "statusMessage": "Not Found",
    "message": "[POST] \"http://localhost:3000/api/v1/auth/login/\": 404 Not Found",
    "stack": "",
    "data": "xx",
}
Denoder commented 5 months ago

as previously suggested there should be a url for it to go to. The response that you've shown means it's working as intended and you'll either need to set up a proxy and/or add a url for the url property for the strategy.