Setting rewriteRedirects to true would redirect the user back to the previous page with the auth middleware enabled after they successfully logged in regardless of the strategy being used.
What is actually happening?
When user logs in using the local strategy, it redirects the user to / instead of the previous page. However, all other strategies / schemes exhibits the expected redirect behavior.
Steps to reproduce
Initialize a new nuxt project and install the auth module.
Configure the local auth strategy and set rewriteRedirects to true
Create a restricted page that requires login by enabling the auth middleware
Visit the restricted page in browser without being logged in, and get redirected to the login page
Enter the credentials and log in
Get redirected to / instead of back to the restricted page
Additional information
I've tried debugging it a bit. Looks like all other schemes call the redirect function with the argument noRouter set to true. So it replaces the browser location directly, bypassing the entire routing mechanism.
With the local scheme though, the redirect function gets invoked without the noRouter argument which then is set to false. Interestingly, the this.ctx.redirect function gets invoked with the correct to value, e.g. /restricted/page. However, instead of routing back to that page, it goes to / for some reason.
Checklist
[x] I have tested with the latest Nuxt version and the issue still occurs
[x] I have tested with the latest module version and the issue still occurs
[x] I have searched the issue tracker and this issue hasn't been reported yet
Version
module: 5.0.0-1643791578.532b3d6 nuxt: 2.15.8
Nuxt configuration
mode:
Reproduction
What is expected?
Setting
rewriteRedirectstotruewould redirect the user back to the previous page with theauthmiddleware enabled after they successfully logged in regardless of the strategy being used.What is actually happening?
When user logs in using the local strategy, it redirects the user to
/instead of the previous page. However, all other strategies / schemes exhibits the expected redirect behavior.Steps to reproduce
rewriteRedirectstotrue/instead of back to the restricted pageAdditional information
I've tried debugging it a bit. Looks like all other schemes call the redirect function with the argument
noRouterset totrue. So it replaces the browser location directly, bypassing the entire routing mechanism. With the local scheme though, the redirect function gets invoked without thenoRouterargument which then is set tofalse. Interestingly, thethis.ctx.redirectfunction gets invoked with the correcttovalue, e.g./restricted/page. However, instead of routing back to that page, it goes to/for some reason.Checklist