@nuxtjs/apollo caches the private user data on the server.

[Iran-110]

Environment

Nuxt project info:

• Operating System: Linux
• Node Version: v20.10.0
• Nuxt Version: 3.8.2
• CLI Version: 3.10.0
• Nitro Version: 2.8.1
• Package Manager: yarn@3.2.3
• Builder: -
• User Config: devtools, app, css, tailwindcss, plugins, components, alias, modules, apollo, auth, runtimeConfig, postcss, build, devServer
• Runtime Modules: @nuxtjs/eslint-module@4.1.0, @nuxtjs/tailwindcss@6.10.1, @nuxtjs/apollo@5.0.0-alpha.11, @sidebase/nuxt-auth@0.6.3, @vee-validate/nuxt@4.12.2, @vue-final-modal/nuxt@1.0.3, vue3-carousel-nuxt@1.1.0

• Build Modules: -

Describe the bug

After each app:render hook on the server, the plugin caches the data in the nuxtApp.payload.data[key] in these lines and restore it on the client.

So, if a user retrieves his private information once, another user can fetch it even without logging in.

Expected behaviour

Two probable recommendations:

1. The server should cache the data for each user, separately.
2. Or, the server just saves the public information.

Reproduction

No response

Additional context

No response

Logs

No response

[Iran-110]

After hours of checking I found out that it is from the setting of @apollo/server in the API server and not nuxt.