Help with sidebase nuxt-auth failing to implement HttpOnly refresh token

Hi, has anyone used sidebase authentication library (nuxt-auth) with local provider?

I implemented the /login and /session successfully but I am failing to implement the /refresh token functionality. My API issues a HttpOnly refresh_token, it gets stored in cookie. I manage to call manually the refresh-token endpoint and get an updated access token but I get the ongoing /session request update the Bearer token thus after a few request it starts failing since the access token expiers.

auth: {
        isEnabled: true,
        logLevel: 'debug',
        baseURL: 'http://localhost:3000',
        redirect: {
            login: '/auth/login',
            logout: '/auth/login',
            home: '/'
        },
        provider: {
            type: 'local',
            pages: {
                login: '/auth/login'
            },
            endpoints: {
                signIn: { path: '/api/v1/login', method: 'post' },
                signOut: { path: '/logout', method: 'post' },
                signUp: false,
                getSession: { path: '/api/v1/session', method: 'get' },
                refresh: { path: '/api/v1/refresh-token', method: 'post' } // Use 'post' or 'get' depending on your backend
            },
            token: {
                signInResponseTokenPointer: '/data/token',
                type: 'Bearer',
                cookieName: 'token',
                headerName: 'Authorization',
                maxAgeInSeconds: 60,
                sameSiteAttribute: 'lax',
            },
            session: {
                dataType: {
                    id: 'string',
                    first_name: 'string',
                    last_name: 'string',
                    email: 'string',
                },
            },
        },
        sessionRefresh: {
            handler: './config/AuthRefreshHandler'
        },
        globalAppMiddleware: {
            isEnabled: true,
            addDefaultCallbackUrl: true
        },
    },

auth: {
        isEnabled: true,
        logLevel: 'debug',
        baseURL: 'http://localhost:3000',
        redirect: {
            login: '/auth/login',
            logout: '/auth/login',
            home: '/'
        },
        provider: {
            type: 'local',
            pages: {
                login: '/auth/login'
            },
            endpoints: {
                signIn: { path: '/api/v1/login', method: 'post' },
                signOut: { path: '/logout', method: 'post' },
                signUp: false,
                getSession: { path: '/api/v1/session', method: 'get' },
                refresh: { path: '/api/v1/refresh-token', method: 'post' } // Use 'post' or 'get' depending on your backend
            },
            token: {
                signInResponseTokenPointer: '/data/token',
                type: 'Bearer',
                cookieName: 'token',
                headerName: 'Authorization',
                maxAgeInSeconds: 60,
                sameSiteAttribute: 'lax',
            },
            session: {
                dataType: {
                    id: 'string',
                    first_name: 'string',
                    last_name: 'string',
                    email: 'string',
                },
            },
        },
        sessionRefresh: {
            handler: './config/AuthRefreshHandler'
        },
        globalAppMiddleware: {
            isEnabled: true,
            addDefaultCallbackUrl: true
        },
    },

auth: {
        isEnabled: true,
        logLevel: 'debug',
        baseURL: 'http://localhost:3000',
        redirect: {
            login: '/auth/login',
            logout: '/auth/login',
            home: '/'
        },
        provider: {
            type: 'local',
            pages: {
                login: '/auth/login'
            },
            endpoints: {
                signIn: { path: '/api/v1/login', method: 'post' },
                signOut: { path: '/logout', method: 'post' },
                signUp: false,
                getSession: { path: '/api/v1/session', method: 'get' },
                refresh: { path: '/api/v1/refresh-token', method: 'post' } // Use 'post' or 'get' depending on your backend
            },
            token: {
                signInResponseTokenPointer: '/data/token',
                type: 'Bearer',
                cookieName: 'token',
                headerName: 'Authorization',
                maxAgeInSeconds: 60,
                sameSiteAttribute: 'lax',
            },
            session: {
                dataType: {
                    id: 'string',
                    first_name: 'string',
                    last_name: 'string',
                    email: 'string',
                },
            },
        },
        sessionRefresh: {
            handler: './config/AuthRefreshHandler'
        },
        globalAppMiddleware: {
            isEnabled: true,
            addDefaultCallbackUrl: true
        },
    },

auth: {
        isEnabled: true,
        logLevel: 'debug',
        baseURL: 'http://localhost:3000',
        redirect: {
            login: '/auth/login',
            logout: '/auth/login',
            home: '/'
        },
        provider: {
            type: 'local',
            pages: {
                login: '/auth/login'
            },
            endpoints: {
                signIn: { path: '/api/v1/login', method: 'post' },
                signOut: { path: '/logout', method: 'post' },
                signUp: false,
                getSession: { path: '/api/v1/session', method: 'get' },
                refresh: { path: '/api/v1/refresh-token', method: 'post' } // Use 'post' or 'get' depending on your backend
            },
            token: {
                signInResponseTokenPointer: '/data/token',
                type: 'Bearer',
                cookieName: 'token',
                headerName: 'Authorization',
                maxAgeInSeconds: 60,
                sameSiteAttribute: 'lax',
            },
            session: {
                dataType: {
                    id: 'string',
                    first_name: 'string',
                    last_name: 'string',
                    email: 'string',
                },
            },
        },
        sessionRefresh: {
            handler: './config/AuthRefreshHandler'
        },
        globalAppMiddleware: {
            isEnabled: true,
            addDefaultCallbackUrl: true
        },
    },

Help with sidebase nuxt-auth failing to implement HttpOnly refresh token

Help with sidebase nuxt-auth failing to implement HttpOnly refresh token

Similar Threads

Similar Threads

Similar Threads