feat(#797, #878): set `baseURL` via environment variables and improve internal url detection

[zoey-kaiser]

🔗 Linked issue

closes #797, #878

❓ Type of change

• [ ] 📖 Documentation (updates to the documentation, readme or JSdoc annotations)
• [ ] 🐞 Bug fix (a non-breaking change that fixes an issue)
• [X] 👌 Enhancement (improving an existing functionality like performance)
• [ ] ✨ New feature (a non-breaking change that adds functionality)
• [ ] 🧹 Chore (updates to the build process or auxiliary tools and libraries)
• [x] ⚠️ Breaking change (fix or feature that would cause existing functionality to change)

📚 Description

📝 Checklist

• [ ] I have linked an issue or discussion.
• [ ] I have added tests (if possible).
• [ ] I have updated the documentation accordingly.

[zoey-kaiser]

Testing auth.baseURL and AUTH_ORIGIN:

Only setting auth.baseURL

• auth.baseURL not set:
  • Requests made to /api/auth
• auth.baseURL set to http://localhost:8080
  • Requests made to http://localhost:8080
• auth.baseURL set to http://localhost:8080/auth
  • Requests made to http://localhost:8080/auth

Combination of auth.baseURL and AUTH_ORIGIN

• auth.baseURL not set, AUTH_ORIGIN not set:
  • Requests made to /api/auth
• auth.baseURL set to http://localhost:8080, AUTH_ORIGIN not set:
  • Requests made to http://localhost:8080
• auth.baseURL set to http://localhost:8080, AUTH_ORIGIN set to http://localhost:8081:
  • Requests made to http://localhost:8081
• auth.baseURL set to http://localhost:8080, AUTH_ORIGIN set to http://localhost:8081/auth:
  • Requests made to http://localhost:8081/auth

Testing setting internal vs external URLs:

• Internal auth.baseURL:
  • auth.baseURL set to /auth
  • AUTH_ORIGIN not set
  • auth.provider.endpoints.signIn.path set to /login
  • Request made to: /auth/login
• Internal AUTH_ORIGIN:
  • auth.baseURL not set
  • AUTH_ORIGIN set to /auth
  • auth.provider.endpoints.signIn.path set to /login
  • Request made to: /auth/login
• External auth.baseURL:
  • auth.baseURL set to http://localhost:8080/auth
  • AUTH_ORIGIN not set
  • auth.provider.endpoints.signIn.path set to /login
  • Request made to: http://localhost:8080/auth/login
• External AUTH_ORIGIN:
  • auth.baseURL not set
  • AUTH_ORIGIN set to http://localhost:8080/auth
  • auth.provider.endpoints.signIn.path set to /login
  • Request made to: http://localhost:8080/auth/login

Note: I tested that the internal URLs actually request internal URLs, but setting the path to a non existent route and ensuring I receive the Vue Router warning

[zoey-kaiser]

This is a breaking change and needs to have its own minor release + docs if we settle on it.

It is! I had forgotten to add the label. However, I think these changes are desperately needed as the current logic makes no sense and limits how you can use it. E.g. I am working on a project where the external API routes are as follows:

• sign in: localhost:8080/auth/login
• get session: localhost:8080/account/me

Adding /api/auth if no path is provided, makes the URLs listed above incompatible with the local provider, as there is no base path I can provide.

If I provide localhost:8080 as baseURL it gets transformed to: localhost:8080/api/auth which does not make sense IMO.

What happens to internal $fetch calls? Remember that they have a limitation - they only work when path starts with a /. And here are two facts that break it:

This logic has been removed, in favour of checking if origin was provided. If you are using an internal API within your Nuxt Application, I do not expect the origin to be passed (as in all our our examples this is also not the case). If no origin is provided, the fetch requests are made internally, if one is provided they are handled as external URLs.

Example Nuxt configuration that currently breaks

```ts export default defineNuxtConfig({ modules: ['@sidebase/nuxt-auth'], runtimeConfig: { public: { api: { baseURL: 'http://localhost:8080' } } }, auth: { originEnvKey: 'NUXT_PUBLIC_API_BASE_URL', baseURL: 'http://localhost:8080', provider: { type: 'local', endpoints: { signIn: { path: '/auth/login', method: 'post' }, signUp: { path: '/auth/register', method: 'post' }, signOut: { path: '/auth/logout', method: 'post' }, getSession: { path: '/accounts/me', method: 'get' } }, pages: { login: '/auth/sign-in' }, token: { signInResponseTokenPointer: '/token', maxAgeInSeconds: 60 * 60 * 24 }, session: { dataType: { id: 'string', name: 'string', email: 'string', createdAt: 'number', members: '{ id: number, email: string, roles: string[] }[]' }, } }, sessionRefresh: { enableOnWindowFocus: true, enablePeriodically: 5000 }, globalAppMiddleware: { isEnabled: true } }, }) ```

[pkg-pr-new[bot]]

Open in Stackblitz

npm i https://pkg.pr.new/@sidebase/nuxt-auth@913

commit: 5d8bd04