ProviderLocalRefresh doesn't store the cookie for the auth token
Environment
- Operating System: Darwin
- Node Version: v18.17.1
- Nuxt Version: 3.11.0
- CLI Version: 3.10.1
- Nitro Version: 2.9.4
- Package Manager: [email protected]
- Builder: -
- User Config: devtools,modules,srcDir,image,i18n,colorMode,app,components,runtimeConfig,auth
- Runtime Modules: @nuxtjs/[email protected],@nuxt/[email protected],@nuxt/[email protected],@nuxtjs/[email protected],@nuxtjs/[email protected],@pinia/[email protected],@sidebase/[email protected]
- Build Modules: -
Reproduction
Start a new project, using this auth configuration:
auth: {
  globalAppMiddleware: {
    isEnabled: true
  },
  // Important, this variable is set at build time
  baseURL: process.env.AUTH_BASE_URL,
  // https://sidebase.io/nuxt-auth/configuration/nuxt-config
  provider: {
    type: 'refresh',
    pages: {
      login: '/auth/login'
    },
    endpoints: {
      signIn: { path: '/api/login', method: 'post' },
      getSession: { path: '/api/v1/user/data', method: 'get' }
      // signOut: { path: '/logout', method: 'post' },
      // signUp: { path: '/register', method: 'post' },
    },
    refreshToken: {
      signInResponseRefreshTokenPointer: '/refresh_token'
    },
    token: {
      signInResponseTokenPointer: '/token'
    }
  }
}
Describe the bug
Using that configuration, only the refresh token is stored in the cookie, not the session token.
We have tested it and detected that changing the same-site attribute of the token cookie to "lax" makes it work, but by default the same-site attribute is set to "none" for that schema. According to the source code, the default value should be "lax" (https://github.com/sidebase/nuxt-auth/blob/cb3db19563f8cb3af6dd63097e91305697c3ce8a/src/runtime/types.ts#L168)
Additional context
No response
Logs
No response
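Browsers that enforce the RFC 6265bis cookie rules discard a cookie marked SameSite=None unless it also carries Secure, which is worth ruling out when a "none" token cookie goes missing while a "lax" one is kept. The check below is an added example, not code from the report or from nuxt-auth; the cookie names and values are constructed samples, and whether this rule is the cause of the behaviour reported here is an assumption the report does not confirm.

```javascript
// Added example: audits cookie strings for the SameSite=None-without-Secure
// combination. Not nuxt-auth code; names and values are constructed samples.
function parseSetCookie(header) {
  const [pair, ...attrParts] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs: {} };
  for (const part of attrParts) {
    if (!part) continue;
    const i = part.indexOf('=');
    // Attribute names are case-insensitive; flag attributes carry no value.
    const key = (i === -1 ? part : part.slice(0, i)).toLowerCase();
    cookie.attrs[key] = i === -1 ? true : part.slice(i + 1);
  }
  return cookie;
}

function auditCookie(header) {
  const c = parseSetCookie(header);
  const sameSite = String(c.attrs.samesite ?? 'unset').toLowerCase();
  const secure = c.attrs.secure === true;
  const issues = [];
  // The one rule modelled here: SameSite=None requires Secure.
  if (sameSite === 'none' && !secure) {
    issues.push('SameSite=None without Secure: cookie is rejected');
  }
  return { name: c.name, sameSite, secure, accepted: issues.length === 0, issues };
}

// Names of the cookies that fail the rule above.
function droppedCookies(headers) {
  return headers.map(auditCookie).filter((r) => !r.accepted).map((r) => r.name);
}

// Constructed samples: a "none" token cookie, a "lax" refresh-token cookie,
// and the token cookie again with Secure added.
const sampleHeaders = [
  'auth.token=eyJhbGciOi.sample; Path=/; Max-Age=1800; SameSite=None',
  'auth.refresh-token=r3fr3sh.sample; Path=/; Max-Age=604800; SameSite=Lax',
  'auth.token=eyJhbGciOi.sample; Path=/; Max-Age=1800; SameSite=None; Secure',
];

for (const r of sampleHeaders.map(auditCookie)) {
  console.log(r.name, r.sameSite, r.secure ? 'Secure' : 'no Secure',
    r.accepted ? 'accepted' : r.issues.join('; '));
}
```

To compare against a real session, paste the attribute strings shown for each cookie in the browser's developer tools into `sampleHeaders`.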
Related??? https://github.com/sidebase/nuxt-auth/issues/790
@agracia-foticos I don't think it is related, as #790 refers to authjs provider, while this refers to refresh provider
Hello, I had a similar issue and I solved it by clearing the browser data. But before doing that, try checking if the problem is solved in an incognito browser window.