fix: Refresh not triggered if the access token is not also known, which limits its purpose

[cip8]

🔗 Linked issue

890 [second part]

❓ Type of change

• [ ] 📖 Documentation (updates to the documentation, readme or JSdoc annotations)
• [x] 🐞 Bug fix (a non-breaking change that fixes an issue)
• [ ] 👌 Enhancement (improving an existing functionality like performance)
• [ ] ✨ New feature (a non-breaking change that adds functionality)
• [ ] 🧹 Chore (updates to the build process or auxiliary tools and libraries)
• [ ] ⚠️ Breaking change (fix or feature that would cause existing functionality to change)

📚 Description

The refresh logic should be triggered if the refresh token is known.

Some backends might require both tokens for a refresh, but this is not default behavior.

Refresh tokens are long-lasting and usually expire after access tokens, so requiring both for a successful refresh should be optional.

📝 Checklist

• [x] I have linked an issue or discussion.
• [ ] I have added tests (if possible).
• [ ] I have updated the documentation accordingly.

[pkg-pr-new[bot]]

Open in Stackblitz

pnpm add https://pkg.pr.new/@sidebase/nuxt-auth@902

commit: f8ca293

[cip8]

Fix is incomplete - logout doesn't clear refresh cookie so the user re-authenticates on each visit. Will update soon.

[cip8]

Tested with my local setup, everything works fine now.