// ...
piniaPersistedstate: {
storage: 'localStorage',
},
http: {
baseURL: process.env.API_URL,
browserBaseURL: process.env.API_URL,
},
auth: {
globalMiddleware: true,
redirectStrategy: 'query', // IMPORTANT! Otherwise, there will be an infinite logout loop.
watchLoggedIn: true,
cookie: {
prefix: 'auth.',
options: {
path: '/',
secure: process.env.NODE_ENV === 'production', // Enable only in production.
sameSite: 'lax', // IMPORTANT!
},
},
redirect: {
login: '/login',
logout: '/login',
callback: '/login',
home: '/',
},
strategies: {
local: {
scheme: 'refresh',
token: {
property: 'access',
type: 'JWT',
},
refreshToken: {
property: 'refresh',
data: 'refresh', // IMPORTANT! Note that the refresh token is not a JWT token.
},
user: {
property: false,
},
endpoints: {
login: {
url: `${process.env.API_URL}/auth/token/`,
method: 'post',
},
refresh: {
url: `${process.env.API_URL}/auth/token/refresh/`,
method: 'post',
},
user: false,
logout: {
url: `${process.env.API_URL}/auth/logout/`,
method: 'post',
},
},
},
google: {
clientId: process.env.GOOGLE_CLIENT_ID,
responseType: 'code',
codeChallengeMethod: '', // This is important!
endpoints: {
scope: ['openid', 'profile', 'email'],
token: `${process.env.API_URL}/auth/social/google/`,
userInfo: `${process.env.API_URL}/users/me/`,
},
token: {
// The token type needs to match the AUTH_HEADER_TYPES setting under
// SIMPLE_JWT in the Django settings (Bearer by default).
type: 'JWT',
property: 'access',
},
refreshToken: {
// The refresh token is not a JWT token!
property: 'refresh',
},
},
},
},
// ...
Reproduction
Not sure how to create a reproduction for this since it requires an expired JWT token...
Describe the bug
I have a Nuxt app with nuxt-alt/auth on the frontend and a Django app with djangorestframework-simplejwt on the backend. For websockets I pass the JWT to create a channel and when the token expires the backend throws an error. Then I check with if the error is due to an expired token and refresh if that is the case, like so:
if (auth.tokenStrategy.token?.status().expired()) {
// If the token expired, refresh it.
console.log('coreSocket REFRESH TOKENS')
auth.refreshTokens()
}
But this doesn't seem to work. The check is false, but the token is expired. Do I do something wrong here or is the expired() method broken?
Environment
Darwin
v18.15.0
3.8.0
3.9.1
2.7.0
pnpm@8.9.2
-
ssr
,runtimeConfig
,site
,modules
,imports
,experimental
,sourcemap
,devtools
,app
,vite
,typescript
,css
,postcss
,nitro
,piniaPersistedstate
,http
,auth
,colorMode
,plausible
,sitemap
@nuxt/devtools@1.0.0
,@nuxt-alt/auth@2.6.1
,@nuxt-alt/http@1.6.9
,@nuxtjs/color-mode@3.3.0
,@nuxtjs/plausible@0.2.3
,@nuxtseo/module@2.0.0-beta.39
,@pinia/nuxt@0.5.1
,@pinia-plugin-persistedstate/nuxt@1.2.0
,@unocss/nuxt@0.57.1
,@vueuse/nuxt@10.5.0
,nuxt-icon@0.6.0
,nuxt-vitest@0.11.0
-
Nuxt Config
Reproduction
Not sure how to create a reproduction for this since it requires an expired JWT token...
Describe the bug
I have a Nuxt app with
nuxt-alt/auth
on the frontend and a Django app withdjangorestframework-simplejwt
on the backend. For websockets I pass the JWT to create a channel and when the token expires the backend throws an error. Then I check with if the error is due to an expired token and refresh if that is the case, like so:But this doesn't seem to work. The check is false, but the token is expired. Do I do something wrong here or is the
expired()
method broken?Additional context
No response
Logs
No response