N
Nuxt3mo ago
nordwest

Help with sidebase nuxt-auth failing to implement HttpOnly refresh token

Hi, has anyone used sidebase authentication library (nuxt-auth) with local provider? I implemented the /login and /session successfully but I am failing to implement the /refresh token functionality. My API issues a HttpOnly refresh_token, it gets stored in cookie. I manage to call manually the refresh-token endpoint and get an updated access token but I get the ongoing /session request update the Bearer token thus after a few request it starts failing since the access token expiers. 
auth: {
        isEnabled: true,
        logLevel: 'debug',
        baseURL: 'http://localhost:3000',
        redirect: {
            login: '/auth/login',
            logout: '/auth/login',
            home: '/'
        },
        provider: {
            type: 'local',
            pages: {
                login: '/auth/login'
            },
            endpoints: {
                signIn: { path: '/api/v1/login', method: 'post' },
                signOut: { path: '/logout', method: 'post' },
                signUp: false,
                getSession: { path: '/api/v1/session', method: 'get' },
                refresh: { path: '/api/v1/refresh-token', method: 'post' } // Use 'post' or 'get' depending on your backend
            },
            token: {
                signInResponseTokenPointer: '/data/token',
                type: 'Bearer',
                cookieName: 'token',
                headerName: 'Authorization',
                maxAgeInSeconds: 60,
                sameSiteAttribute: 'lax',
            },
            session: {
                dataType: {
                    id: 'string',
                    first_name: 'string',
                    last_name: 'string',
                    email: 'string',
                },
            },
        },
        sessionRefresh: {
            handler: './config/AuthRefreshHandler'
        },
        globalAppMiddleware: {
            isEnabled: true,
            addDefaultCallbackUrl: true
        },
    },
auth: {
        isEnabled: true,
        logLevel: 'debug',
        baseURL: 'http://localhost:3000',
        redirect: {
            login: '/auth/login',
            logout: '/auth/login',
            home: '/'
        },
        provider: {
            type: 'local',
            pages: {
                login: '/auth/login'
            },
            endpoints: {
                signIn: { path: '/api/v1/login', method: 'post' },
                signOut: { path: '/logout', method: 'post' },
                signUp: false,
                getSession: { path: '/api/v1/session', method: 'get' },
                refresh: { path: '/api/v1/refresh-token', method: 'post' } // Use 'post' or 'get' depending on your backend
            },
            token: {
                signInResponseTokenPointer: '/data/token',
                type: 'Bearer',
                cookieName: 'token',
                headerName: 'Authorization',
                maxAgeInSeconds: 60,
                sameSiteAttribute: 'lax',
            },
            session: {
                dataType: {
                    id: 'string',
                    first_name: 'string',
                    last_name: 'string',
                    email: 'string',
                },
            },
        },
        sessionRefresh: {
            handler: './config/AuthRefreshHandler'
        },
        globalAppMiddleware: {
            isEnabled: true,
            addDefaultCallbackUrl: true
        },
    },
3 Replies
kapa.ai
kapa.ai3mo ago
Hi @nordwest. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave: ---------------------- I'm sorry, but the knowledge sources provided do not contain specific information about implementing refresh token functionality with the sidebase nuxt-auth library, especially regarding handling HttpOnly refresh tokens with a local provider. The sources cover general Nuxt 3 authentication patterns, cookie handling, and token refresh strategies, but do not address the sidebase nuxt-auth module or its configuration in detail. If you are experiencing issues where the access token is not updated after a refresh, and subsequent requests fail due to an expired token, this could be related to how the refreshed token is being stored and propagated in your application. However, without explicit documentation or examples for sidebase nuxt-auth in the provided sources, I cannot give a definitive solution. For more targeted help, I recommend checking the official documentation for sidebase nuxt-auth or seeking advice from the module's community or maintainers. If you have questions about general Nuxt 3 authentication or cookie management, I can assist with that based on the available sources. ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ----------------------
kapa.ai
kapa.ai3mo ago
<@413600788066205696> Kapa.ai is still learning and improving, please let me know how I did by reacting below.
nordwest
nordwestOP3mo ago
How can I reset the Bearar token in the session requeast?

Did you find this page helpful?