nuxt-auth-utils icon indicating copy to clipboard operation
nuxt-auth-utils copied to clipboard
verified publisher icon Atinux

Allow setting the domain of the cookie to change its scope

Open genu opened this issue 1 year ago • 3 comments

I'm working on a project that has subdomains. I'd like to have the auth cookie be acessible by the parent domain as well as all subdomains.

In order for this to be possible, the cookie domain needs to be set with a preceeding dot in order to scope it to include sub domains.

For example, currently the cookie is always scope to the parent domain: example.com but I would like to be able to scope it to all subdomains instead by setting the cookie domain to: .example.com

genu avatar Jun 11 '24 14:06 genu

H3 is responsible for the session and cookie. You might be able to configure the cookie options like this:

export default defineNuxtConfig({
  runtimeConfig: {
    session: {
      {
        cookie: {
          domain: '.example.com'
        }
      }
    }
  }
})

See also: https://h3.unjs.io/examples/handle-cookie https://github.com/unjs/h3/blob/c04c458810e34eb15c1647e1369e7d7ef19f567d/src/utils/session.ts#L38

DavidDeSloovere avatar Aug 07 '24 07:08 DavidDeSloovere

Thanks for the suggestion, but I believe the domain property also needs to be supported in this module as well so the configuration can be passed it:

CleanShot 2024-08-07 at 23 33 04@2x

Its true, that I should be able to pass in the domain to h3 cookie, tghough

genu avatar Aug 08 '24 03:08 genu

I just tested it and seems to work. After running the red squiggle was gone for some reason.

image

image

Edit: You should also be able to use ENV variable. image

DavidDeSloovere avatar Aug 08 '24 06:08 DavidDeSloovere