nuxt-alt / auth

An alternative module to @nuxtjs/auth
https://nuxt-alt-auth.vercel.app/
MIT License

v2.7.1 breaks websocket authentication #76

Closed toniengelhardt closed 11 months ago

toniengelhardt commented 11 months ago

Environment

Nuxt Config

  auth: {
    globalMiddleware: true,
    redirectStrategy: 'query', // IMPORTANT! Otherwise, there will be an infinite logout loop.
    watchLoggedIn: true,
    cookie: {
      prefix: 'auth.',
      options: {
        path: '/',
        secure: process.env.NODE_ENV === 'production', // Enable only in production.
        sameSite: 'lax', // IMPORTANT!
      },
    },
    redirect: {
      login: '/login',
      logout: '/login',
      callback: '/login',
      home: '/',
    },
    strategies: {
      local: {
        scheme: 'refresh',
        token: {
          property: 'access',
          type: 'JWT',
        },
        refreshToken: {
          property: 'refresh',
          data: 'refresh', // IMPORTANT! Note that the refresh token is not a JWT token.
        },
        user: {
          property: false,
        },
        endpoints: {
          login: {
            url: `${process.env.API_URL}/auth/token/`,
            method: 'post',
          },
          refresh: {
            url: `${process.env.API_URL}/auth/token/refresh/`,
            method: 'post',
          },
          user: false,
          logout: {
            url: `${process.env.API_URL}/auth/logout/`,
            method: 'post',
          },
        },
      },
      google: {
        clientId: process.env.GOOGLE_CLIENT_ID,
        responseType: 'code',
        codeChallengeMethod: '', // This is important!
        endpoints: {
          scope: ['openid', 'profile', 'email'],
          token: `${process.env.API_URL}/auth/social/google/`,
          userInfo: `${process.env.API_URL}/users/me/`,
        },
        token: {
          // The token type needs to match the AUTH_HEADER_TYPES setting under
          // SIMPLE_JWT in the Django settings (Bearer by default).
          type: 'JWT',
          property: 'access',
        },
        refreshToken: {
          // The refresh token is not a JWT token!
          property: 'refresh',
        },
      },
    },
  },

Reproduction

Can't reproduce.

Describe the bug

Not sure exactly what happens, but when I upgrade from 2.7.0 to 2.7.1 my websocket authentication breaks. This happens only in production and only for websockets, but not for normal auth.

Websocket auth looks like this:

const token = auth.tokenStrategy.token?.get() as string
if (!token) {
  console.log('No token found.')
  return
}
// Open socket.
socket = new WebSocket(`${config.public.websocketUrl}/prompts/${promptId}/?token=${token.split(' ')[1]}`)

The backend (django simple-jwt) says the token is invalid as far as I understand it.

Downgrading to 2.7.0 resolves the issue.

Additional context

No response

Logs

No response
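
A defensive way to derive the `?token=` value before opening the socket, as an added example that is not part of the original issue or of the module's code. It assumes the stored string is either `<type> <jwt>` or a bare JWT, which the page does not confirm; the helper names, `wss://example.test` and the sample token are constructed for illustration.

```javascript
// Added example: hypothetical helpers, not part of @nuxt-alt/auth.

// Decode one base64url JWT segment to parsed JSON, or return null.
function decodeSegment(seg) {
  if (!/^[A-Za-z0-9_-]+$/.test(seg)) return null
  try {
    const b64 = seg.replace(/-/g, '+').replace(/_/g, '/')
    return JSON.parse(atob(b64 + '='.repeat((4 - (b64.length % 4)) % 4)))
  } catch {
    return null
  }
}

// Accepts "<type> <jwt>" or a bare "<jwt>" (assumed shapes); returns the
// compact JWT or null. Structural check only: the backend verifies the signature.
function extractJwt(stored, nowSeconds = Math.floor(Date.now() / 1000)) {
  if (typeof stored !== 'string') return null
  const parts = stored.trim().split(/\s+/)
  if (parts.length > 2) return null
  const candidate = parts[parts.length - 1]
  const segments = candidate.split('.')
  if (segments.length !== 3 || segments[2] === '') return null
  const header = decodeSegment(segments[0])
  const payload = decodeSegment(segments[1])
  if (!header || !payload || typeof header.alg !== 'string') return null
  // Reject a token that is already expired instead of sending it.
  if (typeof payload.exp === 'number' && payload.exp <= nowSeconds) return null
  return candidate
}

// Build the socket URL, or return null (fail closed) so the caller never
// opens a socket with "?token=undefined".
function buildSocketUrl(baseUrl, promptId, stored, nowSeconds) {
  const jwt = extractJwt(stored, nowSeconds)
  if (jwt === null) return null
  return `${baseUrl}/prompts/${encodeURIComponent(promptId)}/?token=${encodeURIComponent(jwt)}`
}

// Constructed sample token with a placeholder signature, for illustration only.
function makeSampleJwt(exp) {
  const enc = (o) =>
    btoa(JSON.stringify(o)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '')
  return `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc({ exp, user_id: 1 })}.c2ln`
}
```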