nuxt-auth The user is logged out if the logged status is 'pending' due to a data refetch

Environment

Operating System: Darwin
Node Version: v23.9.0
Nuxt Version: 3.15.4
CLI Version: 3.21.1
Nitro Version: 2.10.4
Package Manager: [email protected]
Builder: -
User Config: devtools, experimental, app, runtimeConfig, routeRules, build, vite, modules, hotjar, gtag, gtm, auth, eslint, pinia, i18n, imports, svgo, compatibilityDate
Runtime Modules: @sidebase/[email protected], @nuxtjs/[email protected], [email protected], @vueuse/[email protected], @nuxt/[email protected], @nuxtjs/[email protected], @pinia/[email protected], [email protected], [email protected], [email protected]
Build Modules: -

Reproduction

use the local provider
add some external backend
trigger a refetch (either change your focused window, add a refresh interval, add a refresh token with a short lifespan)
perform any action while the data is being fetched

Describe the bug

The user shouldn't be thrown out when the session data is being fetched, especially if the refreshToken isn't actually expired

Additional context

No response

Logs

Mar 10 '25 12:03 clcoco

Hi @clcoco , thanks for your report. I don't have an external backend to reproduce the issue at the moment, but there's a lot of bug-fixes and feature work planned for the local provider in Q2 2025, so I will definitely revisit this issue in the coming weeks.

Apr 03 '25 08:04 phoenix-ru

Similar issue: #621

Apr 24 '25 15:04 phoenix-ru

Same issue here, if the status is pending and we suddenly refresh the page or navigate to other page, it's gonna get logged out. didn't had time for reproduction but this is my config if it helps.

    auth: {
        isEnabled: true,
        globalAppMiddleware: true,
        baseURL: process.env.NUXT_PUBLIC_BASE_URL
        ? `${process.env.NUXT_PUBLIC_BASE_URL}/userarea/`
        : 'http://127.0.0.1:8000/userarea/',
        provider: {
        type: 'local',
        pages: {
            login: '/auth/login',
        },
        token: {
            signInResponseTokenPointer: '/access',
            type: 'Bearer',
            cookieName: 'auth.access',
            headerName: 'Authorization',
            maxAgeInSeconds: 60 * 3,
            sameSiteAttribute: 'lax',
            secureCookieAttribute: false,
            httpOnlyCookieAttribute: false,
        },
        endpoints: {
            signIn: { path: 'login/', method: 'POST' },
            signOut: { path: 'logout/', method: 'POST' },
            signUp: { path: 'register/', method: 'POST' },
            getSession: { path: 'profile/', method: 'GET' },
        },
        refresh: {
                isEnabled:true,
                refreshOnlyToken: true,
                token: {
                signInResponseRefreshTokenPointer: '/refresh',
                refreshRequestTokenPointer: '/refresh',
                cookieName: 'auth.refresh',
                maxAgeInSeconds: 60 * 60 * 24 * 24,
                sameSiteAttribute: 'lax',
                secureCookieAttribute: false,
                httpOnlyCookieAttribute: false,
            },
            endpoint: {
                path: 'refresh',
                method: 'POST',
            },
        },
        },
        sessionRefresh: {
            enablePeriodically: 1000 * 60,
            enableOnWindowFocus: false,
        },
    },

Aug 21 '25 23:08 abolix

Please try if #1033 solves the issue for you:

npm i https://pkg.pr.new/@sidebase/nuxt-auth@1033

Sep 11 '25 09:09 phoenix-ru