Auth cookie

Hello Everyone, I have a nuxt 3 application with an auth system, when I log the user, i store the user data in a cookie this way :

useCookie('_auth', {
                sameSite: 'Strict',
                maxAge: 3600,
            }).value = this.user

useCookie('_auth', {
                sameSite: 'Strict',
                maxAge: 3600,
            }).value = this.user

And I have a global client middleware that will feed my pinia data thanks to this cookie

    state: () => ({
        authenticated: false,
        action: null,
        user: {},
    }),

initialize() {
            const authCookie = useCookie('_auth')

            if (authCookie.value) {
                this.user = authCookie.value
                this.authenticated = true
            }
        },

    state: () => ({
        authenticated: false,
        action: null,
        user: {},
    }),

initialize() {
            const authCookie = useCookie('_auth')

            if (authCookie.value) {
                this.user = authCookie.value
                this.authenticated = true
            }
        },

All of this works fine, the problem is that a malecious user can modify the contents of their own user's cookie to access things they shouldn't, how can i prevent it?

Auth cookie

Similar Threads

Auth cookie

Similar Threads

Similar Threads

Similar Threads