[v5][Documentation] getProp is undefined in ~/schemes/customScheme.js

[Armillus]

Version

module: 5.0.0 (latest) nuxt: 2.15.8

Nuxt configuration

mode:

• [x] universal
• [ ] spa

Nuxt configuration

  auth: {
    redirect: {
      logout: '/',
      home: '/',
    },
    cookie: true,
    localStorage: false,
    strategies: {
      local: false,
      customStrategy: {
        scheme: '~/schemes/customScheme',
        token: {
          required: false,
          type: false,
        },
        cookie: {
          name: 'XSRF-TOKEN',
        },
        user: {
          property: false,
          autoFetch: true,
        },
        endpoints: {
          login:  { url: '/login',  method: 'post' },
          logout: { url: '/logout', method: 'post' },
          user:   { url: '/user',   method: 'get'  },
          csrf:   { url: '/sanctum/csrf-cookie'    },
        }
      }
    },
    plugins: [
      '~/plugins/auth.js',
    ],
  }

Reproduction

What is expected?

With a functional custom scheme and a proper configuration, you should be able to login, fetch the authentified user and so on.

What is actually happening?

The function fetchUser as implemented in the documentation isn't working, because of the line const user = getProp(response.data, this.options.user.property). Indeed, getProp is undefined, and thus the call will fail (even if the user.property is false).

Steps to reproduce

Just follow this documentation to create your own scheme. Optionnaly, you can add a console.error(error) in the catch() at the end of the fetchUser function, before the call to this.$auth.callOnError. Then, assuming you're logged in, try to call this.$auth.fetchUser() (or let the module do an automatic call to your user endpoint if user.autoFetch is set to true).

Additional information

Checklist

• [x] I have tested with the latest Nuxt version and the issue still occurs
• [x] I have tested with the latest module version and the issue still occurs
• [x] I have searched the issue tracker and this issue hasn't been reported yet

Additional suggestion?

That's an unusual section, but I would like to propose something, which is kind of unrelated to the current issue. I originially needed to create a custom scheme to debug a silent failure from fetchUser(). After some investigation, I finally realized that my backend was sending a HttpOnly cookie needed for authentication.

Because I had this cookie in my configuration instead of XSRF-TOKEN, userFetch() couldn't find this cookie when called on the client side, and it was the origin of my problems. Wouldn't it be a good idea to add a warning or a tip related to HttpOnly cookies on this page of the documentation ? If so, I would be happy to submit a PR in this sense.

Performance analysis?

None.

[iLegion]

Hi, just copy it in your custom scheme and call it.

I write like it.