
What is the strategy for extending a user's session?

Open Maximus-5 opened this issue 1 year ago • 19 comments

I'm new to Nuxt and Directus

My main question is does Nuxt-Directus have a strategy or recommendation for extending the session?

I've tried the directus sdk and found it left managing the directus session to the developer (I think....)

This is the second time I've tried nuxt-directus in my code, login and logout works but automatic logout happens after about 15 minutes.

Can we extend the session inside middleware? Right now I'm using something like this:

```vue
<!-- MyPage.vue -->
<script setup>
const { refreshTokens } = useDirectusToken();
refreshTokens();
</script>
```

This is being done in the Vue file, which I feel is not ideal, but for some reason this code did not function properly in middleware.

Thanks for reading.

Maximus-5 avatar Dec 25 '24 17:12 Maximus-5

This may be a bug related to another issue. I will check this.

Intevel avatar Dec 25 '24 17:12 Intevel

You don't need to manually refresh the tokens, right? It happens automatically using the module.

Nisthar avatar Dec 26 '24 05:12 Nisthar

@Nisthar The session is not kept in cookies and logout happens after refreshing the browser. I installed version 5.6.1 and it works fine; the issue is caused by the latest version.

ghost avatar Dec 26 '24 06:12 ghost

> You don't need to manually refresh the tokens, right? It happens automatically using the module.

Indeed: https://github.com/Intevel/nuxt-directus/blob/706fa0482b14944d49874e967d3d1ae27daff1cb/src/runtime/plugin.ts#L11

Although since Nuxt 3.12 (iirc) the current approach can be inconsistent for SSR (it would require useRequestFetch under the hood). This creates a number of edge cases that all need different approaches (it was already part of my rewrite, which I started a year ago 😔).

@Maximus-5 could you tell me if you self-host Directus via Docker? There is also another edge case there that makes sessions last exactly 15 minutes. But I need to dig into my notes, since it has been some time since the last time I encountered this. If so, could you also share the docker-compose file?

sandros94 avatar Dec 30 '24 10:12 sandros94

@sandros94

```yaml
services:
  directus:
    image: directus/directus:latest
    ports:
      - 8055:8055
    expose:
      - "8055"
    volumes:
      - ./database:/directus/database
      - ./uploads:/directus/uploads
      - ./extensions:/directus/extensions
    environment:
      SECRET: "example"
      ADMIN_EMAIL: "[email protected]"
      ADMIN_PASSWORD: "example"
      DB_CLIENT: "sqlite3"
      DB_FILENAME: "/directus/database/database.sqlite"
      WEBSOCKETS_ENABLED: "true"
      PUBLIC_URL: http://mysite.com
      # Compose requires boolean values in an environment map to be quoted
      TELEMETRY: "false"
```

Thanks for your reply. The compose is something like this, we are also using caddy.

```js
// refresh http request using a cookie
const result = await client.request(refresh('cookie'));

// refresh http request using json
const result = await client.request(refresh('json', refresh_token));
```

I was just wondering, what is the difference in directus for using a cookie or json for auth? I don't think the benefits of each approach are covered in the documentation.

Maximus-5 avatar Dec 30 '24 19:12 Maximus-5

@Maximus-5 Change the ACCESS_TOKEN_TTL from 15m to what you need in your docker-compose file.

ref: https://docs.directus.io/self-hosted/config-options.html#security

ghost avatar Dec 31 '24 00:12 ghost

Indeed, as @mahsamirzapour suggested, making it longer helps. But it should still be automatically refreshed by the module; this means that something is blocking it.

> ```js
> // refresh http request using a cookie
> const result = await client.request(refresh('cookie'));
>
> // refresh http request using json
> const result = await client.request(refresh('json', refresh_token));
> ```
>
> I was just wondering, what is the difference in directus for using a cookie or json for auth? I don't think the benefits of each approach are covered in the documentation.

For the SDK, when you auth via cookie, Directus will handle reading, refreshing and setting the cookies, while for json you must handle the token's storage yourself.

sandros94 avatar Dec 31 '24 13:12 sandros94
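
What handling the token's storage yourself in `json` mode involves, as an added example (not code from this thread, nuxt-directus or the Directus SDK): tokens are held in memory, refreshed shortly before the access token expires, and concurrent callers share a single refresh. `createTokenManager`, `refreshFn`, the fake server, its refresh-token rotation and the response shape with `expires` in milliseconds are assumptions made for the illustration.

```javascript
// Added example. `refreshFn` is a hypothetical callback standing in for the HTTP
// refresh call; it resolves to { access_token, refresh_token, expires (in ms) }.
function createTokenManager(refreshFn, { marginMs = 30_000, now = Date.now } = {}) {
  let tokens = null;   // held in memory only
  let expiresAt = 0;   // absolute time at which the access token expires
  let inFlight = null; // shared promise: concurrent callers trigger one refresh
  function store(result) {
    tokens = { access: result.access_token, refresh: result.refresh_token };
    expiresAt = now() + result.expires;
  }
  async function getAccessToken() {
    if (!tokens) throw new Error('not logged in');
    if (now() < expiresAt - marginMs) return tokens.access; // still fresh
    if (!inFlight) {
      inFlight = refreshFn(tokens.refresh)
        .then(store)
        .catch((err) => { tokens = null; throw err; }) // failed refresh ends the session
        .finally(() => { inFlight = null; });
    }
    await inFlight;
    return tokens.access;
  }
  return { store, getAccessToken };
}

// Constructed fake server: 15-minute access tokens; only the latest refresh token is valid (assumed).
function createFakeServer() {
  let n = 0, current = null, calls = 0;
  const issue = () => {
    n += 1; current = `refresh-${n}`;
    return { access_token: `access-${n}`, refresh_token: current, expires: 15 * 60 * 1000 };
  };
  const refresh = async (token) => {
    calls += 1;
    if (token !== current) throw new Error('invalid refresh token');
    return issue();
  };
  return { login: issue, refresh, refreshCalls: () => calls };
}

async function demo() {
  let clock = 0; // constructed clock, in milliseconds
  const server = createFakeServer();
  const mgr = createTokenManager(server.refresh, { now: () => clock });
  mgr.store(server.login());
  const early = await mgr.getAccessToken(); // minute 0: no refresh needed
  clock = 14.75 * 60 * 1000;                // inside the 30 s margin
  const [a, b] = await Promise.all([mgr.getAccessToken(), mgr.getAccessToken()]);
  return { early, a, b, refreshCalls: server.refreshCalls() };
}
```

Without the shared `inFlight` promise, the second caller would replay a refresh token the fake server has already replaced and be rejected.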

@sandros94 Hi, how about increasing cookieMaxAge in the module options?

ghost avatar Dec 31 '24 17:12 ghost

> @sandros94 Hi, how about increasing cookieMaxAge in the module options?

Shouldn't be an issue. It currently defaults to 7 days, but is editable via directus.cookieMaxAge in your nuxt.config.ts: https://github.com/Intevel/nuxt-directus/blob/706fa0482b14944d49874e967d3d1ae27daff1cb/src/module.ts#L64-L70

sandros94 avatar Dec 31 '24 17:12 sandros94

@sandros94 So everything works correctly, hm? And something else: a year ago the nuxt-directus-next module was very, very cool and I used it for my project. Can you bring that back?

ghost avatar Dec 31 '24 18:12 ghost

> @sandros94 So everything works correctly, hm? And something else: a year ago the nuxt-directus-next module was very, very cool and I used it for my project. Can you bring that back?

In a few weeks I should be able to get back to the development of this module. Indeed, I was considering going back to an SDK approach as it was with nuxt-directus-next, since I've also resolved some of the type issues I was having.

sandros94 avatar Dec 31 '24 19:12 sandros94

@sandros94 Can you tell me how to handle the token's storage myself? I'm a little bit confused. I'm just using the nuxt-directus module and I'm not using the SDK.

ghost avatar Dec 31 '24 22:12 ghost

@mahsamirzapour If you need to handle the token storage neither via the module nor via the SDK, it completely depends on your use case and project. There are many different ways to do so and no single best way.

Best I can help would be to point you to the upstream docs, since I would consider this being mostly out of scope for this issue (but feel free to open up a Discussion if you want):

sandros94 avatar Jan 01 '25 12:01 sandros94

@sandros94 Thanks, but I'll wait for the fixed module 👌

ghost avatar Jan 01 '25 13:01 ghost

@Maximus-5 Did you solve that issue? Please let me know if you did, because I have the same issue.

ghost avatar Jan 06 '25 22:01 ghost

@Intevel Hi, please fix the SSR cookies issue 😞😞😞

ghost avatar Jan 13 '25 08:01 ghost

> @Intevel Hi, please fix the SSR cookies issue 😞😞😞

Could I ask you for a small reproduction, either via StackBlitz or a GitHub repository? I haven't understood your situation yet, and there are many things that might be deleting the cookies (browser privacy settings; Nuxt failing to pass them to Directus during SSR; other edge cases).

sandros94 avatar Jan 13 '25 11:01 sandros94

@sandros94 Hi, Directus is deployed on my VPS and I develop the Nuxt app on my localhost. When I logged in via session and fetched the logged-in user, I got a 401 in my console, and the cookies were also deleted via the cookies strategy.

ghost avatar Jan 14 '25 07:01 ghost

Hi!

Could you clarify how you're connecting to Directus? Are you using a public hostname or a local one?

Additionally, please share any examples (StackBlitz or Repo) that might help us reproduce the issue you're facing. This will help us understand your current problem.

casualmatt avatar Jan 14 '25 14:01 casualmatt