hebilicious / authjs-nuxt Goto Github PK

Environment

[auth][error][SignInError]: Read more at https://errors.authjs.dev#signinerror 3:25:33 PM
[auth][cause]: TypeError: crypto.getRandomValues is not a function

Reproduction

Describe the bug

node_modules/oauth4webapi/build/index.js:237:24

function randomBytes() {
    return b64u(crypto.getRandomValues(new Uint8Array(32)));
}

Additional context

No response

Logs

Node.js v16.19.1.

No response

Hi,

The #auth virtual import is giving me the following error:

Package import specifier "#auth" is not defined in package

I am not sure why this is happening and it's probably just due to my ignorance.

Environment

"devDependencies": {
"@auth/core": "^0.9.0",
"@hebilicious/authjs-nuxt": "^0.2.0-beta.5",
"nuxt": "^3.6"
}

Reproduction

Sorry for the many issues, but I'm trying to get this to work. My problem is that the login with google works on localhost but not on vercel-edge. It does nothing and it's really hard to debug.

Here is a reproduction: https://edgenu.vercel.app (credentials work fine, but google doesn't).
The code is at https://github.com/cosbgn/edgenu

Describe the bug

Clicking on login with google does nothing when deployed. On local host it works perfectly.

Additional context

Feel free to use these to test:

GOOGLE_CLIENT_ID="532721228880-jd6okhq4o9hv47fv4krbfvn5ggk81t2i.apps.googleusercontent.com"
GOOGLE_CLIENT_SECRET="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"

Logs

No response

Environment

node 18.0.0
pnpm 8.6.1

Reproduction

https://github.com/dissy123/authjs-nuxt/tree/fix/keycloak

Describe the bug

appendHeader not found in utils.ts maybe check type?

When I change this line it works:

de8c9fc

Testet only with keycloak provider

Additional context

No response

Logs

playground_keycloak:dev: [nuxt] [request error] [unhandled] [500] event.node.res.appendHeader is not a function
playground_keycloak:dev:   at respondWithResponse (./.nuxt/dev/index.mjs:851:22)  
playground_keycloak:dev:   at ./.nuxt/dev/index.mjs:890:12  
playground_keycloak:dev:   at process.processTicksAndRejections (node:internal/process/task_queues:95:5)  
playground_keycloak:dev:   at async Object.handler (/Users/matthiasdollfuss/00_Dev/authjs-nuxt-new/node_modules/.pnpm/[email protected]/node_modules/h3/dist/index.mjs:1284:19)  
playground_keycloak:dev:   at async Server.toNodeHandle (/Users/matthiasdollfuss/00_Dev/authjs-nuxt-new/node_modules/.pnpm/[email protected]/node_modules/h3/dist/index.mjs:1359:7)
playground_keycloak:dev: [nuxt] [request error] [unhandled] [500] event.node.res.appendHeader is not a function

Hi,

I'm getting this error with this module:

Uncaught SyntaxError: The requested module '/_nuxt/node_modules/cookie/index.js?v=41251351' does not provide an export named 'parse' (at web.js?v=41251351:1:10)

When I tried to implement it myself, I don't get this error (it works locally), but I can't build for CF Pages, because of crypto dependency, which I can't get rid of.

Environment

"@auth/core": "^0.9.0",
"@hebilicious/authjs-nuxt": "^0.1.1",

node: 18.16.0
nuxt: 3.5.2

export const authOptions: AuthConfig = {
  secret: runtimeConfig.authJs.secret,
  pages: {
    signIn: "/login",
  },
  providers: [
    CredentialsProvider({
      name: "Credentials",
      // @ts-expect-error ignore
      async authorize(credentials, _request) {
        return await mockLogin(credentials as Credentials);
      },
    }),
  ],
  trustHost: true,
  callbacks: {
    session({ session, token }) {
      session.user = token.user as Record<string, string>;
      return session;
    },
    jwt({ token, user }) {
      if (user) {
        token.user = user;
      }
      return token;
    },
  },
  session: {
    strategy: "jwt",
  },
};

nuxt.config.ts

  authJs: {
    guestRedirectTo: "/login",
    verifyClientOnEveryRequest: false,
    baseUrl: "",
  }

Reproduction

One login page "/login", one protected route with "auth" middleware, setup as provided in environment

Describe the bug

I have one protected page with "auth" middleware, one unprotected /login page. The loging part works, but when i applied the "auth" middleware whenever i try to access "/" route i get:
[Vue Router warn]: Detected a possibly infinite redirection in a navigation guard when going from "/" to "/". Aborting to avoid a Stack Overflow. 20:05:32 Are you always returning a new location within a navigation guard? That would lead to this error. Only return when redirecting or aborting, that should fix this. This might break in production if not fixed. [nuxt] Calling useRoute within middleware may lead to misleading results. Instead, use the (to, from) arguments passed to the middleware to access the new and old routes.

Additional context

No response

Logs

No response

[nuxt] [request error] [unhandled] [500] splitCookiesString is not defined 19:44:13
at respondWithResponse

Environment

• Operating System: Windows_NT
• Node Version: v20.5.1
• Nuxt Version: 3.7.1
• CLI Version: 3.8.1
• Package Manager: [email protected]
• User Config: alias, css, build, nitro, vite,
  typescript, imports, runtimeConfig, modules, authJs, googleFonts, pinia, unocss
• Runtime Modules: @hebilicious/[email protected],
  @nuxtjs/[email protected], @pinia/[email protected], @unocss/[email protected], @vueuse/[email protected]

Reproduction

N/A

Describe the bug

Running signIn function in production gives me a crypto module error for some reason

Additional context

No response

Logs

[auth][error][SignInError]: Read more at https://errors.authjs.dev#signinerror

[auth][cause]: TypeError: crypto.getRandomValues is not a function

at randomBytes (file:///app/.output/server/node_modules/oauth4webapi/build/index.js:237:24)

at Module.generateRandomCodeVerifier (file:///app/.output/server/node_modules/oauth4webapi/build/index.js:240:12)

at Object.create (file:///app/.output/server/node_modules/@auth/core/lib/oauth/checks.js:23:33)

at getAuthorizationUrl (file:///app/.output/server/node_modules/@auth/core/lib/oauth/authorization-url.js:57:57)

at processTicksAndRejections (node:internal/process/task_queues:96:5)

at async Module.signin (file:///app/.output/server/node_modules/@auth/core/lib/routes/signin.js:15:20)

at async AuthInternal (file:///app/.output/server/node_modules/@auth/core/lib/index.js:112:36)

at async Auth (file:///app/.output/server/node_modules/@auth/core/index.js:100:30)

at async file:///app/.output/server/chunks/nitro/node-server.mjs:7238:22

at async Object.handler (file:///app/.output/server/chunks/nitro/node-server.mjs:2380:19)

[auth][details]: {

"provider": "google"

}

Environment

"@auth/core": "^0.10.4",
"nuxt": "^3.6.3"
"@hebilicious/authjs-nuxt": "^0.3.0-beta.2",
"nitropack": "npm:nitropack-edge@latest"
"h3": "1.8.0-rc.3", 

Reproduction

1. Create nuxt 3 application
2. Follow getting started steps from this module https://authjs-nuxt.pages.dev/getting-started.html
3. Deploy application on the vercel with NITRO_PRESET="vercel-edge"

Describe the bug

Following steps in getting started in documentation and deploying on the vercel-edge leads to not working application.
I created empty nuxt 3 application and installed this module, but after deploying on vercel-edge I am getting error

https://nuxt3-test-rho.vercel.app/
https://github.com/sphex813/nuxt3-test

Additional context

No response

Logs

No response

the api url returning 404 while use authjs-nuxt with vite-pwa

Environment

Nuxt project info:

• Operating System: Windows_NT
• Node Version: v18.16.0
• Nuxt Version: 3.6.1
• Nitro Version: 2.5.2
• Package Manager: [email protected]
• Builder: vite
• User Config: devtools, modules, runtimeConfig, alias
• Runtime Modules: @hebilicious/[email protected]
• Build Modules: -

nuxt.config.ts

import { resolve } from "node:path";
// https://nuxt.com/docs/api/configuration/nuxt-config
export default defineNuxtConfig({
  devtools: { enabled: true },
  modules: ["@hebilicious/authjs-nuxt"],
  runtimeConfig: {
    authJs: {
      secret: "secret1234567890", // You can generate one with `openssl rand -base64 32`
    },
    public: {
      authJs: {
        baseUrl: "http://localhost:3000", // The base URL is used for the Origin Check in prod only
        verifyClientOnEveryRequest: true, // whether to hit the /auth/session endpoint on every client request
        guestRedirectTo: "/login",
      },
    },
  },
  alias: {
    cookie: resolve(__dirname, "node_modules/cookie"),
    jose: resolve(__dirname, "node_modules/jose/dist/browser/index.js"),
    "@panva/hkdf": resolve(
      __dirname,
      "node_modules/@panva/hkdf/dist/web/index.js"
    ),
  },
});

Reproduction

Repo:
https://github.com/janrudowski/nuxt-auth-middleware-issue

There are two routes: /login and index. index is protected with "auth" middleware. Access the login page. Press the log in button.
After redirecting there should be the "500
Unknown route middleware: 'auth'. Valid middleware: ," error

Describe the bug

After logging in middleware error is displayed:

500
Unknown route middleware: 'auth'. Valid middleware: .

Additional context

No response

Logs

{ "url": "/", "statusCode": 500, "statusMessage": "", "message": "Unknown route middleware: 'auth'. Valid middleware: .", "stack": "<pre><span class=\"stack internal\">at E:\\dev\\nuxt\\test\\node_modules\\.pnpm\\[email protected]_@[email protected]\\node_modules\\nuxt\\dist\\pages\\runtime\\plugins\\router.js:126:21</span></pre>" }

Environment

"@auth/core": "^0.10.0",
"@hebilicious/authjs-nuxt": "0.2.0-beta.5"

Reproduction

signIn('credentials', { ...credentials.value, redirect: false })

Describe the bug

signIn() should return

Promise<{
    error: string | undefined
    status: number
    ok: boolean
    url: string | null
}>

when the option redirect is false
as https://next-auth.js.org/getting-started/client#using-the-redirect-false-option

I cant find the page on the authjs.dev site.

I managed to get the correct behavior temporarily editing useAuth.d.ts like that :

    signIn: <T extends auth.SignInOptions>(
            providerId?: auth.LiteralUnion<import("@auth/core/providers").BuiltInProviderType> | undefined, 
            options?: T, 
            authorizationParams?: auth.SignInAuthorizationParams | undefined
        ) => T extends { redirect: false } ? Promise<{
            error: string | undefined
            status: number
            ok: boolean
            url: string | null
        }> : void;

Additional context

No response

Logs

No response

Describe the feature

(Adding this as a feature because this code is still labeled as "alpha", but depending of the point of view people could consider it as a bug.)

In Auth.js there is possibility to change cookie options, with the name property being one of them: https://next-auth.js.org/configuration/options#cookies.

When having a separate auth service and using authjs-nuxt to connect to it, cookies are not found because there couple of hard-coded nuxt-auth values around the code.

https://github.com/Hebilicious/authjs-nuxt/blob/main/packages/authjs-nuxt/src/runtime/composables/useAuth.ts#L13 and https://github.com/Hebilicious/authjs-nuxt/blob/main/packages/authjs-nuxt/src/runtime/utils.ts#L39

Adding an option to nuxt.config can make this work and prevent missing cookies :)

Additional information

• Would you be willing to help implement this feature?

Describe the feature

Hi, the current version is pinned to @auth/[email protected] it would be great to pin it to the latest @auth/[email protected].

Would it be possible to unpin it and keep them completely separate? So that there is no need to update authjs-nuxt for every @auth/core new release.

Thank you for your work, this library is now working perfectly on the edge!

Additional information

• Would you be willing to help implement this feature?

works on dev, but in production like this

Environment

node : v18.15.0

{
"name": "nuxt-app",
"private": true,
"scripts": {
"build": "nuxt build",
"dev": "nuxt dev --https --ssl-cert cert.pem --ssl-key key.pem",
"generate": "nuxt generate",
"preview": "nuxt preview",
"postinstall": "nuxt prepare"
},
"devDependencies": {
"@nuxt/devtools": "latest",
"nuxt": "^3.7.0",
"nuxt-security": "^0.14.4"
},
"dependencies": {
"@auth/core": "^0.10.4",
"@hebilicious/authjs-nuxt": "^0.3.0-beta.2",
"@pinia/nuxt": "^0.4.11",
"h3": "^1.8.1", //< added manually to better match your example in getting started.
"next-auth": "^4.23.1",
"sass": "^1.66.1"
}
}

Reproduction

basically the same as the getting-strted.
repo link can be provided as needed

Describe the bug

I created a brand new nuxt project with minimal changes attempted to use sidewinder but face multiple issues, moved to this repo. I got the basics working however using the example in 'getting started' the js login button gets to the code endpoint i get the 'localhost didn't send any data' error, the 'Native Link Sign in' worked however clicking the Azuread button on that page also errors with no content.

Additional context

I am moving an existing vue3 SPA app to nuxt but require auth t work first hence the relatively empty repo

Logs

No response

Environment

Nuxt project info:

• Operating System: Linux
• Node Version: v20.5.0
• Nuxt Version: 3.7.1
• CLI Version: 3.8.0
• Nitro Version: 2.6.3-28235083.5639f5b
• Package Manager: [email protected]
• Builder: -
• User Config: -
• Runtime Modules: @hebilicious/[email protected]
• Build Modules: -

Reproduction

New instaled nuxt with modules

Describe the bug

-Nuxt 3.7.1 with Nitro 2.6.3-28235083.5639f5b
ERROR Cannot start nuxt: kit.writeTypes is not a function

Additional context

No response

Logs

No response

Environment

Nuxt 3 with auth module

Reproduction

https://github.com/imcm7/nuxt-db/

Describe the bug

If I use code

authOptions file

// Refer to Auth.js docs for more details
export const authOptions: AuthConfig = {
    async authorize(credentials): Promise<User | null> { // authorize(credentials, request)
            try {
                 const event: H3Event = useEvent();
            }

it work if is imported in /api/auth/[...].ts but not work if

export default defineNitroPlugin((nitroApp: NitroApp) => {
   nitroApp.router.add(
         newRoute,
         NuxtAuthHandler(authOptions, runtimeConfig),
         method.requestMethod
   );
}

Additional context

But NuxtAuthHandler use eventHandler(async (event) => {}) where I see the event.

export function NuxtAuthHandler(options, runtimeConfig) {
  return eventHandler(async (event) => {
    options.trustHost ??= true;
    options.skipCSRFCheck = skipCSRFCheck;
    const request = await getRequestFromEvent(event);
    if (request.url.includes(".js.map"))
      return;
    checkOrigin(request, runtimeConfig);
    const response = await Auth(request, options);
    return response;
  });
}

Logs

No response

Environment

nuxt 3.6

Reproduction

https://github.com/cosbgn/edgenu

Describe the bug

I'm trying to get it to work with google. I'm getting Uncaught SyntaxError: ambiguous indirect export: parse, from

//web.js
import { parse as parseCookie, serialize } from "/_nuxt/node_modules/cookie/index.js?v=49812851";

Additional context

What am I doing wrong?

Logs

No response

Environment

Nuxt project info: 14:22:52

• Operating System: Windows_NT
• Node Version: v18.17.1
• Nuxt Version: 3.7.4
• CLI Version: 3.9.0
• Nitro Version: 2.6.3
• Package Manager: [email protected]
• Builder: -
• User Config: modules, devtools, alias, devServer
• Runtime Modules: @hebilicious/[email protected]
• Build Modules: -

Reproduction

https://github.com/m0zz094/authjs-nuxt-bug

Describe the bug

I have a catch all route where, if the page path is equal to "/reserved-area", i want to add the auth middleware, it looks like this is not working right now

Additional context

No response

Logs

[Vue Router warn]: Detected a possibly infinite redirection in a navigation guard when going from "/reserved-area" to "/login". Aborting to avoid a Stack Overflow.
 Are you always returning a new location within a navigation guard? That would lead to this error. Only return when redirecting or aborting, that should fix this. This might break in production if not fixed.
[nuxt] Calling `useRoute` within middleware may lead to misleading results. Instead, use the (to, from) arguments passed to the middleware to access the new and old routes.
Removing session

Environment

• Operating System: Linux
• Node Version: v20.6.1
• Nuxt Version: 3.8.0-28267841.4063b498
• CLI Version: 3.9.1-1695234696.c4b90f7
• Nitro Version: 2.6.3
• Package Manager: [email protected]
• Runtime Modules: @hebilicious/[email protected]

Reproduction

https://github.com/imcm7/nuxt-db/blob/8362c342a7ddd154255ef8c7c94869a1b80d7673/server/api/%5B...%5D.ts#L77

Describe the bug

In export default NuxtAuthHandler(authOptions, runtimeConfig), in the async authorize(credentials, request) the request is not of typr 'H3Event'.

Additional context

No response

Logs

No response

Describe the feature

Hi, i think it would make sense to mention in the Readme / Documentation that Nuxt automatically maps a .env file to the runtimeConfig

This

// nuxt.config.ts
export default defineNuxtConfig({
    // ...
    runtimeConfig: {
        authJs: {
            secret: ''
        }
    }
    // ...
})

automatically maps to (if you have the NUXT_ infront)

NUXT_AUTH_JS_SECRET=...

Additional information

• Would you be willing to help implement this feature?

This snippet from the docs needs fixing I think:

export default defineNuxtConfig({
...
  runtimeConfig: {
    authJs: {
      secret: process.env.NUXT_NEXTAUTH_SECRET // You can generate one with `openssl rand -base64 32`
    },
    github: {
      clientId: process.env.NUXT_GITHUB_CLIENT_ID,
      clientSecret: process.env.NUXT_GITHUB_CLIENT_SECRET
    },
    public: {
      authJs: {
        baseUrl: process.env.NUXT_NEXTAUTH_URL, // The base URL is used for the Origin Check in prod only
        verifyClientOnEveryRequest: true // whether to hit the /auth/session endpoint on every client request
      }
    }
  }
})

I am not sure if environment variables can be accessed there.

https://nuxt.com/docs/guide/going-further/runtime-config#environment-variables

I was able to set the secret by setting the NUXT_AUTH_JS_SECRET environment variable. See Nuxt docs above.

Describe the feature

Hi, i'm trying to merge the Session type with my own,
I'm using "@hebilicious/authjs-nuxt": "0.2.0-beta.5" and "@auth/core": "^0.10.0"

I tryed :

// as in https://authjs.dev/getting-started/typescript#main-module
declare module 'next-auth' {
  interface Session {
      user?: User
  } 
}

declare module 'authjs-nuxt' {
  interface Session {
      user?: User
  } 
}

declare module '#auth' {
  interface Session {
      user?: User
  } 
}

Without success, it would be nice if it was possible with #auth

Additional information

• Would you be willing to help implement this feature?

Environment

{
  "name": "nuxt-auth-app",
  "private": true,
  "scripts": {
    "build": "nuxt build",
    "dev": "nuxt dev",
    "generate": "nuxt generate",
    "preview": "nuxt preview",
    "postinstall": "nuxt prepare"
  },
  "devDependencies": {
    "@nuxt/devtools": "latest",
    "@nuxtjs/color-mode": "^3.3.0",
    "@nuxtjs/google-fonts": "^3.0.1",
    "@nuxtjs/tailwindcss": "^6.8.0",
    "@pinia/nuxt": "^0.4.11",
    "@types/bcryptjs": "^2.4.2",
    "@types/node": "20.4.2",
    "nuxt": "3.6.3",
    "nuxt-icon": "^0.4.2",
    "typescript": "^5.1.6",
    "vue-tsc": "1.8.5"
  },
  "dependencies": {
    "@auth/core": "^0.9.0",
    "@hebilicious/authjs-nuxt": "0.1.4",
    "@vuelidate/core": "^2.0.3",
    "@vuelidate/validators": "^2.0.3",
    "bcryptjs": "^2.4.3",
    "joi": "^17.9.2",
    "mongoose": "7.3.4",
    "pinia": "^2.1.4",
    "vue-sonner": "^0.3.3"
  }
}

Reproduction

https://codesandbox.io/p/sandbox/github/nuxt/starter/tree/v3

Describe the bug

Upon completing the installation and configuration process and subsequently initiating my development server, I encountered an error message when inspecting my console: utils.mjs:2 Uncaught SyntaxError: The requested module '/_nuxt/node_modules/set-cookie-parser/lib/set-cookie.js?v=4e1359b9' does not provide an export named 'default' (at utils.mjs:2:8)

Additional context

No response

Logs

`utils.mjs:2 Uncaught SyntaxError: The requested module '/_nuxt/node_modules/set-cookie-parser/lib/set-cookie.js?v=4e1359b9' does not provide an export named 'default' (at utils.mjs:2:8)`

Environment

Turborepo w/ Nuxt 3.6.2 and node 18.17.0

Reproduction

app.vue

<script setup lang="ts">
// import HeaderNav from './components/HeaderNav.vue'
</script>

<template>
  <div>
    <!-- <HeaderNav /> -->
    <!-- Markup shared across all pages, ex: NavBar -->
    <NuxtPage />
  </div>
</template>

server/api/auth/[...].ts

import Auth0Provider from '@auth/core/providers/auth0'
import type { AuthConfig } from '@auth/core/types'
import { NuxtAuthHandler } from '#auth'

// The #auth virtual import comes from this module. You can use it on the client
// and server side, however not every export is universal. For example do not
// use sign-in and sign-out on the server side.

const runtimeConfig = useRuntimeConfig()
console.log(runtimeConfig)
// Refer to Auth.js docs for more details
export const authOptions: AuthConfig = {
  secret: runtimeConfig.authJs.secret,
  providers: [
    Auth0Provider({
      clientId: runtimeConfig.auth0.clientId,
      clientSecret: runtimeConfig.auth0.clientSecret,
      issuer: runtimeConfig.auth0.issuer,
    }),
  ],
}

export default NuxtAuthHandler(authOptions, runtimeConfig)

nuxt.config.ts

import { resolve } from 'node:path'

// https://nuxt.com/docs/api/configuration/nuxt-config
export default defineNuxtConfig({
  modules: ['@hebilicious/authjs-nuxt', '@nuxt/image', '@pinia/nuxt'],
  alias: {
    'cookie': resolve(__dirname, '../../node_modules/cookie'),
    'jose': resolve(__dirname, '../../node_modules/jose/dist/browser/index.js'),
    '@panva/hkdf': resolve(__dirname, '../../node_modules/@panva/hkdf/dist/web/index.js'),
  },
  nitro: {
    preset: 'vercel-edge',
  },
  // ssr: true,
  runtimeConfig: {
    app: {
      DATAHUB_FIRM: process.env.DATAHUB_FIRM,
    },
    authJs: {
      secret: process.env.AUTH_SECRET, // You can generate one with `openssl rand -base64 32`
    },
    auth0: {
      clientId: process.env.AUTH0_CLIENT_ID,
      clientSecret: process.env.AUTH0_CLIENT_SECRET,
      issuer: process.env.AUTH0_ISSUER,
    },
    public: {
      authJs: {
        baseUrl: process.env.NUXT_NEXTAUTH_URL, // The base URL is used for the Origin Check in prod only
        verifyClientOnEveryRequest: true, // whether to hit the /auth/session endpoint on every client request
      },
    },
  },
})

pages/login.vue

<script setup lang="ts">
const { signIn, signOut, session, status, cookies } = useAuth()
</script>

<template>
  <div>
    <div>
      <a href="/api/auth/signin" class="buttonPrimary">Native Link Sign in</a>
      <button @click="signIn(`auth0`)">
        JS Sign In
      </button>
      <button @click="signOut()">
        Sign Out
      </button>
    </div>
    <div>
      <pre>{{ status }}</pre>
      <pre>{{ session?.user }}</pre>
      <pre>{{ cookies }}</pre>
    </div>
  </div>
</template>

protected page pages/store-test.vue

<script setup lang="ts">
// import HeaderNav from './components/HeaderNav'
import { ref } from 'vue'
import { useCounter } from '../stores/examples'
definePageMeta({ auth: true })
const counter = useCounter()
const usePatch = ref(true)
const n = ref(0)
</script>

<template>
  <!-- <HeaderNav /> -->
  <h2>Local variables</h2>

  <button @click="n++">
    Increment local: {{ n }}
  </button>

  <h2>Counter Store</h2>

  <p>Counter :{{ counter.n }}. Double: {{ counter.double }}</p>

  <p>
    Increment the Store <br>

    <button @click="counter.increment()">
      +1
    </button>
    <button @click="counter.increment(10)">
      +10
    </button>
    <button @click="counter.increment(100)">
      +100
    </button>
    <button @click="counter.n++">
      Direct Increment
    </button>
    <button
      @click="
        counter.$patch((state) => {
          state.n++
          state.incrementedTimes++
        })
      "
    >
      Direct patch
    </button>
  </p>

  <p>
    Other actions <br>

    <button @click="counter.fail">
      Fail
    </button>
    <button @click="counter.decrementToZero(300, usePatch)">
      Decrement to zero
    </button>
    <button @click="counter.changeMe()">
      <code>counter.changeMe()</code>
    </button>
  </p>

  <hr>

  <p><code>counter.$state</code>:</p>

  <pre>{{ counter.$state }}</pre>
</template>

<style scoped>
button {
  margin-right: 0.5rem;
  margin-bottom: 0.5rem;
}
</style>

Describe the bug

Using the README setup and adding

<script>
definePageMeta({ auth: true })
</script>

to a page. While logged out when visiting this protected page the content flashes for a moment before redirecting to the index.

Additional context

screen recording of the flash of content on protected pages

Logs

No response

Environment

Related to Cloudflare pages

Inside devcontainer:

$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 12 (bookworm)
Release:        12
Codename:       bookworm

Outside devcontainer:

$ lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 23.04
Release:	23.04
Codename:	lunar

Node:

$ node --version
v18.17.0
$ npm --version
9.8.1

from packages.json

  "devDependencies": {
    "@nuxt/devtools": "latest",
    "@types/node": "^18.17.3",
    "nuxt": "^3.6.5"
  },
  "dependencies": {
    "@auth/core": "^0.10.0",
    "h3": "1.8.0-rc.3",
    "@hebilicious/authjs-nuxt": "^0.3.0-beta.2",
    "nitropack": "npm:nitropack-edge@latest"
  },
  "overrides": {
    "h3": "1.8.0-rc.3",
    "nitropack": "npm:nitropack-edge@latest"
  }

Reproduction

Can be reproduced from here using devcontainer or not:
https://github.com/bisand/blog-test

Build step:

$ npm run build

> build
> nuxt build

Nuxi 3.6.5                                                                                                                                                             6:13:08 AM
Nuxt 3.6.5 with Nitro 2.5.2                                                                                                                                            6:13:08 AM
ℹ Adding @auth/nuxt module... { verifyClientOnEveryRequest: true,                                                                                          @auth/nuxt 6:13:09 AM
  guestRedirectTo: '/',
  authenticatedRedirectTo: '/',
  baseUrl: '' }
✔ Added @auth/nuxt module successfully.                                                                                                                    @auth/nuxt 6:13:09 AM
ℹ Building client...                                                                                                                                                  6:13:10 AM
ℹ vite v4.3.9 building for production...                                                                                                                              6:13:10 AM
transforming (85) node_modules/pathe/dist/index.mjs
[6:13:11 AM]  WARN  [plugin:vite:resolve] Module "node:crypto" has been externalized for browser compatibility, imported by "/workspaces/blog-test/node_modules/@hebilicious/authjs-nuxt/dist/runtime/lib/server.mjs". See http://vitejs.dev/guide/troubleshooting.html#module-externalized-for-browser-compatibility for more details.

ℹ ✓ 256 modules transformed.                                                                                                                                          6:13:12 AM
ℹ .nuxt/dist/client/manifest.json                                2.78 kB │ gzip:  0.48 kB                                                                             6:13:13 AM
ℹ .nuxt/dist/client/_nuxt/error-500.c5df6088.css                 1.95 kB │ gzip:  0.74 kB                                                                             6:13:13 AM
ℹ .nuxt/dist/client/_nuxt/error-404.7fc72018.css                 3.63 kB │ gzip:  1.12 kB                                                                             6:13:13 AM
ℹ .nuxt/dist/client/_nuxt/entry.3c4ebcd6.css                    12.13 kB │ gzip:  2.49 kB                                                                             6:13:13 AM
ℹ .nuxt/dist/client/_nuxt/__vite-browser-external.b25bb000.js    0.03 kB │ gzip:  0.05 kB                                                                             6:13:13 AM
ℹ .nuxt/dist/client/_nuxt/guest-only.36354345.js                 0.37 kB │ gzip:  0.24 kB                                                                             6:13:13 AM
ℹ .nuxt/dist/client/_nuxt/auth.9340b1e7.js                       0.37 kB │ gzip:  0.24 kB                                                                             6:13:13 AM
ℹ .nuxt/dist/client/_nuxt/test.3851b75e.js                       0.60 kB │ gzip:  0.39 kB                                                                             6:13:13 AM
ℹ .nuxt/dist/client/_nuxt/error-500.3e5fbd94.js                  1.88 kB │ gzip:  0.99 kB                                                                             6:13:13 AM
ℹ .nuxt/dist/client/_nuxt/error-404.72b181b9.js                  6.53 kB │ gzip:  2.91 kB                                                                             6:13:13 AM
ℹ .nuxt/dist/client/_nuxt/entry.7dda54fb.js                    239.74 kB │ gzip: 71.31 kB                                                                             6:13:13 AM
ℹ ✓ built in 2.79s                                                                                                                                                    6:13:13 AM
✔ Client built in 2805ms                                                                                                                                              6:13:13 AM
ℹ Building server...                                                                                                                                                  6:13:13 AM
ℹ vite v4.3.9 building SSR bundle for production...                                                                                                                   6:13:13 AM
ℹ ✓ 78 modules transformed.                                                                                                                                           6:13:14 AM
ℹ .nuxt/dist/server/_nuxt/entry-styles.8755339a.mjs             0.08 kB                                                                                               6:13:14 AM
ℹ .nuxt/dist/server/_nuxt/error-500-styles.cf4b3e80.mjs         0.15 kB                                                                                               6:13:14 AM
ℹ .nuxt/dist/server/_nuxt/error-404-styles.1e0dde27.mjs         0.15 kB                                                                                               6:13:14 AM
ℹ .nuxt/dist/server/styles.mjs                                  0.46 kB                                                                                               6:13:14 AM
ℹ .nuxt/dist/server/_nuxt/auth-514615fe.js                      1.04 kB │ map:   0.87 kB                                                                              6:13:14 AM
ℹ .nuxt/dist/server/_nuxt/guest-only-bd112471.js                1.04 kB │ map:   0.87 kB                                                                              6:13:14 AM
ℹ .nuxt/dist/server/_nuxt/island-renderer-5a5e4c49.js           1.19 kB │ map:   1.40 kB                                                                              6:13:14 AM
ℹ .nuxt/dist/server/_nuxt/test-49970a4b.js                      1.49 kB │ map:   0.84 kB                                                                              6:13:14 AM
ℹ .nuxt/dist/server/_nuxt/error-500-styles-1.mjs-8fa81fcc.js    2.17 kB │ map:   0.12 kB                                                                              6:13:14 AM
ℹ .nuxt/dist/server/_nuxt/error-500-7e82afc2.js                 3.16 kB │ map:   3.78 kB                                                                              6:13:14 AM
ℹ .nuxt/dist/server/_nuxt/error-404-styles-1.mjs-e0837f4f.js    3.86 kB │ map:   0.12 kB                                                                              6:13:14 AM
ℹ .nuxt/dist/server/_nuxt/error-404-aded3150.js                 9.81 kB │ map:  18.91 kB                                                                              6:13:14 AM
ℹ .nuxt/dist/server/_nuxt/entry-styles-1.mjs-8b8449e7.js       12.38 kB │ map:   0.11 kB                                                                              6:13:14 AM
ℹ .nuxt/dist/server/server.mjs                                129.40 kB │ map: 186.85 kB                                                                              6:13:14 AM
ℹ ✓ built in 1.22s                                                                                                                                                    6:13:14 AM
✔ Server built in 1230ms                                                                                                                                              6:13:14 AM
✔ Generated public .output/public                                                                                                                               nitro 6:13:14 AM
ℹ Building Nitro Server (preset: cloudflare)                                                                                                                    nitro 6:13:14 AM
node_modules/@auth/core/lib/cookie.js (1:30) The 'this' keyword is equivalent to 'undefined' at the top level of an ES module, and has been rewritten
node_modules/@auth/core/lib/cookie.js (1:38) The 'this' keyword is equivalent to 'undefined' at the top level of an ES module, and has been rewritten
node_modules/@auth/core/lib/cookie.js (7:30) The 'this' keyword is equivalent to 'undefined' at the top level of an ES module, and has been rewritten
node_modules/@auth/core/lib/cookie.js (7:38) The 'this' keyword is equivalent to 'undefined' at the top level of an ES module, and has been rewritten
✔ Nitro server built                                                                                                                                            nitro 6:13:29 AM
  └─ .output/server/index.mjs (1.08 MB) (306 kB gzip)
Σ Total size: 1.08 MB (306 kB gzip)
✔ You can preview this build using npx wrangler dev .output/server/index.mjs --site .output/public --local                                                      nitro 6:13:29 AM
✔ You can deploy this build using npx wrangler publish                                                                                                          nitro 6:13:29 AM

Run Cloudflare pages locally:

$ npx wrangler dev .output/server/index.mjs --site .output/public --local

 ⛅️ wrangler 3.5.0
------------------
wrangler dev now uses local mode by default, powered by 🔥 Miniflare and 👷 workerd.
To run an edge preview session for your Worker, use wrangler dev --remote
▲ [WARNING] --local is no longer required and will be removed in a future version.

  `wrangler dev` now uses the local Cloudflare Workers runtime by default. 🎉


Your worker has access to the following bindings:
- KV Namespaces:
  - images_test: aaf56cc016f042ab91636d59b4875776
  - bisand_blog_test: 3e094d827b1f436d9cd16cdd3f860f24
⎔ Starting local server...
service core:user:bisand-blog-test: Uncaught TypeError: Cannot read properties of undefined (reading 'split')
  at core:user:bisand-blog-test:4513:38
  at core:user:bisand-blog-test:24327:4
  at core:user:bisand-blog-test:24328:3
✘ [ERROR] MiniflareCoreError [ERR_RUNTIME_FAILURE]: The Workers runtime failed to start. There is likely additional logging output above.


╭─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ [b] open a browser, [d] open Devtools, [l] turn off local mode, [c] clear console, [x] to exit                                                                                  │
╰─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯

Describe the bug

This issue is related to Cloudflare pages using nuxt 3.6.5 and @hebilicious/authjs-nuxt 0.3.0-beta.2. The error occurs both on local (wrangler) and on Cloudflare.

Not sure if this is a bug in your component or any of the dependencues, but the error occurred after installing and running v0.3.0-beta.2

This code section seems to be the culprit. Withouth further investigation, it seems to be a part of an auto generated javascript by Wrangler, located in the /tmp/ folder. In this particular case: /tmp/tmp-3050-TxBjBovMveML/index.js

...
1320  |   const L = "undefined" != typeof globalThis ? globalThis : "undefined" != typeof self ? self : "undefined" != typeof global ? global : {};
1321  |   L.process = L.process || x;
1322  |   const R = L.process;
...
4576  |   const [Cs, Es] = R.versions.node.split(".").map((e2) => parseInt(e2, 10));
          //                            ^ undefined
...

I would be

Additional context

Link to generated javascript file:
/tmp/tmp-3050-TxBjBovMveML/index.js

Logs

No response

Environment

package.json

  "devDependencies": {
    "@nuxt/devtools": "latest",
    "@types/node": "^20.4.10",
    "nuxt": "^3.6.5"
  },
  "dependencies": {
    "@auth/core": "^0.11.1",
    "@hebilicious/authjs-nuxt": "0.3.0-beta.2",
    "h3": "1.8.0-rc.3",
    "nitropack": "npm:nitropack-edge@latest"
  },
  "overrides": {
    "h3": "1.8.0-rc.3",
    "nitropack": "npm:nitropack-edge@latest"
  },
  "resolutions": {
    "h3": "1.8.0-rc.3",
    "nitropack": "npm:nitropack-edge@latest"
  }

nodejs v20.0.0
npm 9.6.4

Reproduction

Create a brand new Nuxt3 app. I followed the installation instructions https://nuxt.com/docs/getting-started/installation

pnpm dlx nuxi@latest init myapp

Then followed the installation instructions from here https://authjs-nuxt.pages.dev/getting-started.html down to and including the usage section.
I'm use Azure AD instead of Github.
My nuxt.config.ts looks like this: Notice the app: baseURL and public/baseURL sections.
https://nuxt.com/docs/api/configuration/nuxt-config#baseurl

// https://nuxt.com/docs/api/configuration/nuxt-config
import { resolve } from "node:path"

export default defineNuxtConfig({
  devtools: { enabled: true },
  alias: {
    cookie: resolve(__dirname, "node_modules/cookie")
  },
  app: {
      baseURL: "/myapp",
  },
  modules: ["@hebilicious/authjs-nuxt"],
  // Optional default config
  //  authJs: {
  //    verifyClientOnEveryRequest: true,
  //    guestRedirectTo: "/", // where to redirect if the user is authenticated
  //    authenticatedRedirectTo: "/", // where to redirect if the user is not authenticated
  //    baseUrl: ""
  //  },
  runtimeConfig: {
    authJs: {
      secret: process.env.NUXT_NEXTAUTH_SECRET, // You can generate one with `openssl rand -base64 32`
    },
    github: {
      clientId: process.env.NUXT_GITHUB_CLIENT_ID,
      clientSecret: process.env.NUXT_GITHUB_CLIENT_SECRET,
    },
    azureAD: {
      clientId: process.env.NUXT_AZUREAD_CLIENT_ID,
      clientSecret: process.env.NUXT_AZUREAD_CLIENT_SECRET,
      tenantId: process.env.NUXT_AZUREAD_TENANT_ID
    },
    public: {
      authJs: {
        baseUrl: process.env.NUXT_NEXTAUTH_URL, // The base URL is used for the Origin Check in prod only
        verifyClientOnEveryRequest: true, // whether to hit the /auth/session endpoint on every client request
      },
      baseURL: "/myapp",
    },
  },
});

Describe the bug

Because of adding the baseURL, I am unable to authenticate or access any of the auth apis because none of the auth URL's are correct. They are all absolute paths starting with /api/auth and do not take into account the baseURL prefix. I spent a lot of time in debug trying to find out whether the bug was in this library or the @auth/core library. I found this library is the one trying to access the session api end point when serving the application and the /api/auth/session end point doesn't exist due to the NuxtJS app being served on ${baseURL}/*

I didn't know the best way to propose a fix for this but it seems that the config defined in the catchall route (server/api/auth/[...].ts) needs to pass the baseURL in the config so it can be referenced throughout this library. If baseURL exists, prefix all the auth routes with it. If it doesn't exist, then use the current paths.

I passed the baseURL in the runtime public section, but as far as I can tell, that isn't always available in the library. But the config object is passed to most of the library functions and adding baseURL to the config from the runtime variables would solve that.

Additional context

It also looks like I have to configure custom page routes in the catchall route config file. (server/api/auth/[...].ts). I got this from the @auth/core documentation at https://authjs.dev/guides/basics/pages and modified the url's to work with a baseURL. I'm not 100% sure this is needed but I added it here for reference.

 pages: {
    signIn: `${runtimeConfig.public.baseURL || ''}/auth/signin`,
    signOut: `${runtimeConfig.public.baseURL || ''}/auth/signout`,
    error: `${runtimeConfig.public.baseURL || ''}/auth/error`, // Error code passed in query string as ?error=
    verifyRequest: `${runtimeConfig.public.baseURL || ''}/auth/verify-request`, // (used for check email message)
    newUser: `${runtimeConfig.public.baseURL || ''}/auth/new-user` // New users will be directed here on first sign in (leave the property out if not of interest)
  },

Logs

No response

How to get all discord callback flags (like discord userId)

Environment

• Operating System: Linux
• Node Version: v20.6.1
• Nuxt Version: 3.8.0-28267841.4063b498
• CLI Version: 3.9.1-1695234696.c4b90f7
• Nitro Version: 2.6.3
• Package Manager: [email protected]
• Builder: -
• User Config: alias, app, colorMode, css, dayjs, devtools, experimental, i18n, image, modules, nitro, runtimeConfig, security, spaLoadingTemplate, ssr, tailwindcss, typescript, viewport, vueEmail
• Runtime Modules: @hebilicious/[email protected], @nuxt/[email protected], @nuxtjs/[email protected], @nuxtjs/[email protected], @nuxtjs/[email protected], @pinia/[email protected], @vee-validate/[email protected], @vueuse/[email protected], [email protected], [email protected], [email protected], [email protected], vue-email/nuxt
• Build Modules: -

Reproduction

https://github.com/imcm7/nuxt-db/blob/8362c342a7ddd154255ef8c7c94869a1b80d7673/server/api/%5B...%5D.ts#L95

Describe the bug

const runtimeConfig = useRuntimeConfig();
export default NuxtAuthHandler(authOptions, runtimeConfig); <--- Argument of type 'NitroRuntimeConfig' is not assignable to parameter of type 'RuntimeConfig'.  Type 'NitroRuntimeConfig' is missing the following properties from type 'RuntimeConfig': public, csurf, authJs, github, and 2 more.ts

Additional context

No response

Logs

No response

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• chore(deps): update all non-major dependencies (@auth/core, @nuxt/kit, @nuxt/module-builder, @nuxt/test-utils, @panva/hkdf, @types/node, bumpp, bun-types, cookie, cookie-es, defu, eslint, eslint-plugin-import, immer, jose, lint-staged, nuxt, pnpm, prettier, rimraf, simple-git-hooks, taze, typescript, vitepress)
• chore(deps): update dependency @types/node to v22
• chore(deps): update dependency conventional-changelog-cli to v5
• chore(deps): update dependency eslint to v9
• chore(deps): update dependency jose to v5
• chore(deps): update dependency pnpm to v9
• chore(deps): update dependency rimraf to v6
• chore(deps): update devdependency @nuxt/devtools to v1
• chore(deps): update devdependency vitest to v2
• chore(deps): update oven-sh/setup-bun action to v2
• Click on this checkbox to rebase all open PRs at once

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

Environment

Node version: 18.16.1

{
  "name": "nuxt-auth",
  "private": true,
  "scripts": {
    "build": "nuxt build",
    "dev": "nuxt dev",
    "generate": "nuxt generate",
    "preview": "nuxt preview",
    "postinstall": "nuxt prepare",
    "lint": "eslint --max-warnings 0 .",
    "typecheck": "nuxt typecheck",
    "start": "NODE_ENV=production node .output/server/index.mjs"
  },
  "devDependencies": {
    "@nuxt/devtools": "latest",
    "@nuxtjs/color-mode": "^3.3.0",
    "@nuxtjs/eslint-config-typescript": "^12.0.0",
    "@nuxtjs/google-fonts": "^3.0.1",
    "@nuxtjs/tailwindcss": "^6.8.0",
    "@prisma/client": "^5.0.0",
    "@types/bcryptjs": "^2.4.2",
    "@types/node": "^20.4.2",
    "eslint": "^8.45.0",
    "nuxt": "^3.6.3",
    "nuxt-icon": "^0.4.2",
    "prisma": "^5.0.0",
    "typescript": "^5.1.6",
    "vue-tsc": "^1.8.5"
  },
  "dependencies": {
    "@auth/core": "^0.9.0",
    "@auth/prisma-adapter": "^1.0.1",
    "@hebilicious/authjs-nuxt": "^0.1.5",
    "@types/jsonwebtoken": "^9.0.2",
    "@vuelidate/core": "^2.0.3",
    "@vuelidate/validators": "^2.0.3",
    "bcryptjs": "^2.4.3",
    "jsonwebtoken": "^9.0.1"
  }
}

Reproduction

Here is the error that I got in my console:

[nuxt] [request error] [unhandled] [500] useRuntimeConfig is not defined
  at getServerOrigin /.nuxt/dev/index.mjs:842:24` and also at `at getServerToken .nuxt/dev/index.mjs:926:19

Describe the bug

I am trying to get the JWT, I have followed the instruction as written in the docs.

In my /server/jwt.get.ts file I have the following code:

import { authOptions } from "../api/auth/[...]"
import { getServerSession, getServerToken } from "#auth"
export default defineEventHandler(async (event) => {
  const session = await getServerSession(event, authOptions)
  const jwt = await getServerToken(event, authOptions)
  return { session, jwt }
})

but I get the following error in my console:

[nuxt] [request error] [unhandled] [500] useRuntimeConfig is not defined  2:34:39 AM
  at getServerOrigin

here is the code that I have defined in the /server/api/auth/[...].ts file:

import GithubProvider from "@auth/core/providers/github";
import GoogleProvider from "@auth/core/providers/google";
import type { AuthConfig } from "@auth/core/types"
import { NuxtAuthHandler } from "#auth";
import { PrismaAdapter } from "@auth/prisma-adapter";
import { PrismaClient } from "@prisma/client";
const prisma = new PrismaClient();
const runtimeConfig = useRuntimeConfig()

export const authOptions: AuthConfig = {
    adapter: PrismaAdapter(prisma),
    secret: 'fghjgsdfjhktrygjndfbvvsdvbtrhgfg',
    providers: [
        GithubProvider({
            clientId: runtimeConfig.GITHUB_CLIENT_ID,
            clientSecret: runtimeConfig.GITHUB_CLIENT_SECRET
        }),

        GoogleProvider({
            clientId: runtimeConfig.GOOGLE_CLIENT_ID,
            clientSecret: runtimeConfig.GOOGLE_CLIENT_SECRET
        })
    ]
}

export default NuxtAuthHandler(authOptions, runtimeConfig) 

Additional context

Here is the error that I got in my console:

[nuxt] [request error] [unhandled] [500] useRuntimeConfig is not defined
  at getServerOrigin /.nuxt/dev/index.mjs:842:24

Logs

Here is the error that I got in my console:

[nuxt] [request error] [unhandled] [500] useRuntimeConfig is not defined
  at getServerOrigin /.nuxt/dev/index.mjs:842:24` and also at `at getServerToken .nuxt/dev/index.mjs:926:19

Environment

"@auth/core": "^0.10.0",
"@hebilicious/authjs-nuxt": "0.2.0-beta.5"

Reproduction

https://github.com/Shhu/auth-nuxt-repro-signin-return/blob/main/pages/middlewareIssue.vue

Describe the bug

Typescript loses the middlewares of the packages when a middleware is created in the middleware folder.

If you create a middleware in /middleware typescript no longer knows authjs-nuxt's middlewares (but it still works, types are probably overrode instead of augmented)

Additional context

No response

Logs

No response

Environment

nuxt3.6

Reproduction

npm i @auth/core will install v 0.10 which is incompatible with this library. Works locally but crashes while building on vercel-edge

Describe the bug

npm ERR! Conflicting peer dependency: @auth/[email protected]
npm ERR! node_modules/@auth/core
npm ERR!   peer @auth/core@"^0.9.0" from @hebilicious/[email protected]
npm ERR!   node_modules/@hebilicious/authjs-nuxt
npm ERR!     dev @hebilicious/authjs-nuxt@"^0.2.0-beta.5" from the root project

Additional context

No response

Logs

No response

Environment

Reproduction

Go to the npm registry and look or install the package (installs 0.3.0)

Describe the bug

Version 0.3.1 and 0.3.2 are not in the npm registry

Additional context

No response

Logs

No response

Environment

Nuxt 3.6.5
Node v18.12.1

Reproduction

N/A

Describe the bug

Thank you for creating this library.
I have followed the instructions and added @hebilicious/authjs-nuxt to nuxt.config.ts modules.
I've run npm i and npm run dev but I get this error in [...].ts
NuxtAuthHandler not found in '#auth'

Additional context

No response

Logs

No response

Environment

node 18.0.0
nuxt 3.6.1
nitro 2.5.2

Reproduction

https://github.com/dissy123/authjs-nuxt/tree/main/playgrounds/keycloak

Describe the bug

No cookies are set when signin with keycloak, in keycloak i get a user session after the login attempt

and this is directly after login:

Additional context

No response

Logs

In my monorepo i get the following error message:

montreet:dev: [auth][error][InvalidCheck]: Read more at https://errors.authjs.dev#invalidcheck
montreet:dev: [auth][cause]: InvalidCheck: PKCE code_verifier cookie was missing.
montreet:dev:     at Object.use (file:///Users/matthiasdollfuss/00_Dev/localflow-monorepo/node_modules/.pnpm/@[email protected]/node_modules/@auth/core/lib/oauth/checks.js:42:19)
montreet:dev:     at handleOAuth (file:///Users/matthiasdollfuss/00_Dev/localflow-monorepo/node_modules/.pnpm/@[email protected]/node_modules/@auth/core/lib/oauth/callback.js:52:44)
montreet:dev:     at async Module.callback (file:///Users/matthiasdollfuss/00_Dev/localflow-monorepo/node_modules/.pnpm/@[email protected]/node_modules/@auth/core/lib/routes/callback.js:20:41)
montreet:dev:     at async AuthInternal (file:///Users/matthiasdollfuss/00_Dev/localflow-monorepo/node_modules/.pnpm/@[email protected]/node_modules/@auth/core/lib/index.js:65:38)
montreet:dev:     at async Auth (file:///Users/matthiasdollfuss/00_Dev/localflow-monorepo/node_modules/.pnpm/@[email protected]/node_modules/@auth/core/index.js:100:30)
montreet:dev:     at async file:///Users/matthiasdollfuss/00_Dev/localflow-monorepo/01_Websites/montreet/.nuxt/dev/index.mjs:745:22
montreet:dev:     at async Object.handler (file:///Users/matthiasdollfuss/00_Dev/localflow-monorepo/node_modules/.pnpm/[email protected]/node_modules/h3/dist/index.mjs:1255:19)
montreet:dev:     at async Server.toNodeHandle (file:///Users/matthiasdollfuss/00_Dev/localflow-monorepo/node_modules/.pnpm/[email protected]/node_modules/h3/dist/index.mjs:1330:7)
montreet:dev: [auth][details]: {
montreet:dev:   "provider": "keycloak"
montreet:dev: }

In the reproduction i don't get an error message.
But the cookies are not set.

Environment

Nuxt project info: 5:45:40 p.m.

• Operating System: Windows_NT
• Node Version: v18.17.1
• Nuxt Version: 3.8.0
• CLI Version: 3.9.1
• Nitro Version: 2.7.0
• Package Manager: [email protected]
• Builder: -
• User Config: alias, devtools, ssr, modules, authJs, runtimeConfig, apollo, i18n
• Runtime Modules: @nuxtjs/[email protected], @nuxtjs/[email protected], @nuxtjs/[email protected], @hebilicious/[email protected]
• Build Modules: -

Reproduction

If you use useAuth() in a plugin (like in ~/plugins/randomPlugin.ts), you're not authenticated.

Describe the bug

It should authenticate before the plugins. It makes it impossible to use it with @nuxtjs/apollo

Additional context

No response

Logs

No response

Describe the feature

So far everything is working great except middlewares. After a user is authenticated, he or she is redirected to the protected page but the user can STILL ACCESS the login and register page. If the user is NOT authenticated, the middleware WORKS by not letting the authenticated user see the protected page. So my questions are:

1. Is there a built in middleware that can prevent the user from accessing the login and register page once authenticated ?

2. Is this a bug that can be fixed or is it a feature that needs to be implemented ?

3. If the answer to the above 2 questions is No. Does it mean I should create a middleware myself?

Also in my nuxt.config.ts file, I have set verifyClientOnEveryRequest: true and used definePageMeta({ middleware: 'auth' }) to protect my private pages.

Additional information

• Would you be willing to help implement this feature?

It seems like some types can not be inferred.

Environment

node: 18.16.1

Reproduction

I am using signin helper with custom callback_url like this:

  useAuth().signIn('auth0', {callbackUrl:"/activity/hausfuehrung-chesa-laudenbacher", redirect:true}, options)

but this callback never triggered. instead you get to a default home page.

Describe the bug

I can assume that it should be stored in cookie before we do an actual redirect to auth provider page. but it is not... it is basically overwriten while copying cookie headers in utility function respondWithResponse and only the last cookie is stored
packages/authjs-nuxt/src/runtime/utils.ts#L83

i beleive that the straight forward fix would be smth like this:

event.node.res.setHeader(key, value); => event.node.res.appendHeader(key, value);

Additional context

No response

Logs

No response

Environment

This is happening locally and on CI

Reproduction

Use 'yarn' in CI, or use 'yarn install <<this_package>>'

Describe the bug

The postinstall scripts assumes nuxi exists in global path

Additional context

Can we remove this please ?

Logs

[4/4] Building fresh packages...
error /builds/xapp/node_modules/@hebilicious/authjs-nuxt: Command failed.
Exit code: 127
Command: nuxi prepare
Arguments: 
Directory: /builds/xapp/node_modules/@hebilicious/authjs-nuxt
Output:
/bin/sh: nuxi: not found

Discussed in #46

POST https://authjs018.pages.dev/api/auth/signin/google? - Ok
GET https://authjs018.pages.dev/api/auth/callback/google?code=4%REDACTED&scope=email+profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+openid+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&authuser=0&prompt=none - Ok

  (log) signIn called
  (log) { ... profile content ... }

GET https://authjs018.pages.dev/ - Ok

  (log) session called
  (log) { ... session content ... }

POST https://authjs0110.pages.dev/api/auth/signin/google? - Ok
GET https://authjs0110.pages.dev/api/auth/callback/google?code=4%REDACTED&scope=email+profile+openid+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&authuser=0&prompt=none - Ok

  (log) signIn called
  (log) { ... profile content ... }

GET https://authjs0110.pages.dev/ - Ok
GET https://authjs0110.pages.dev/api/auth/session - Ok
GET https://authjs0110.pages.dev/ - Ok

Describe the feature

see title

Additional information

• Would you be willing to help implement this feature?

I am attempting to implement authentication using the CredentialsProvider. However, when I access the JWT endpoint, both the session and JWT are returned as null, even though I have defined the callback functions. When I log the output in the console, I am receiving "null." Is there anything in particular that I am missing?

/api/auth/[...].ts

/* eslint-disable no-console */
import CredentialsProvider from '@auth/core/providers/credentials'
import GithubProvider from '@auth/core/providers/github'
import GoogleProvider from '@auth/core/providers/google'
import type { AuthConfig } from '@auth/core/types'
import { PrismaAdapter } from '@auth/prisma-adapter'
import { PrismaClient } from '@prisma/client'
import { NuxtAuthHandler } from '#auth'

const prisma = new PrismaClient()

const runtimeConfig = useRuntimeConfig()

export const authOptions: AuthConfig = {
  adapter: PrismaAdapter(prisma),
  providers: [
    CredentialsProvider({
      id: 'credentials',
      name: 'Credentials',
      credentials: {
        email: {
          label: 'email',
          type: 'text',
        },

        password: {
          label: 'password',
          type: 'password',
        },
      },
      // eslint-disable-next-line @typescript-eslint/ban-ts-comment
      // @ts-expect-error
      async authorize(credentials: { email: string; password: string }) {
        try {
          const user = await $fetch('/api/auth/login', {
            method: 'POST',
            body: {
              email: credentials.email,
              password: credentials.password,
            },
          })
          console.log('Response', user)
          return user
        }
        catch (err) {
          if (err instanceof Error) {
            createError({
              status: 500,
              message: err.message,
            })
          }
        }
      },
    }),
    GithubProvider({
      clientId: runtimeConfig.NUXT_GITHUB_CLIENT_ID,
      clientSecret: runtimeConfig.NUXT_GITHUB_CLIENT_SECRET,
    }),

    GoogleProvider({
      clientId: runtimeConfig.NUXT_GOOGLE_CLIENT_ID,
      clientSecret: runtimeConfig.NUXT_GOOGLE_CLIENT_SECRET,
    }),
  ],
  callbacks: {
    async signIn({ user, account, profile, email, credentials }) {
      console.log('user', user)
      return true
    },
    async jwt({ token, user, session }) {
      console.log('jwt callback', { token, user, session })
      return token
    },

    async session({ session, token, user }) {
      console.log('session callback', { token, user, session })
      return session
    },
  },
  // pages: {
  //   signIn: '/auth',
  // },
  session: { strategy: 'jwt' },
  jwt: {
    secret: runtimeConfig.NUXT_JWT_SECRET,
  },
  secret: '76543345678ytrertyujhfdcvbnbvc',
}

export default NuxtAuthHandler(authOptions, runtimeConfig)

Package.json

{
  "name": "nuxt-app",
  "private": true,
  "scripts": {
    "build": "nuxt build",
    "dev": "nuxt dev",
    "generate": "nuxt generate",
    "preview": "nuxt preview",
    "postinstall": "nuxt prepare"
  },
  "dependencies": {
    "@auth/core": "^0.12.0",
    "@auth/prisma-adapter": "^1.0.1",
    "@hebilicious/authjs-nuxt": "0.3.0-beta.2",
    "@prisma/client": "^5.1.1",
    "@vuelidate/core": "^2.0.3",
    "@vuelidate/validators": "^2.0.3",
    "bcrypt": "^5.1.1",
    "vue-router-better-scroller": "^0.0.0"
  },
  "devDependencies": {
    "@antfu/eslint-config": "^0.40.2",
    "@nuxt/devtools": "latest",
    "@nuxt/image": "1.0.0-rc.1",
    "@nuxthq/ui": "^2.7.0",
    "@nuxtjs/google-fonts": "^3.0.2",
    "@types/node": "^20.5.1",
    "eslint": "^8.47.0",
    "nuxt": "^3.6.5",
    "prisma": "^5.1.1"
  },
  "resolutions": {
    "h3": "1.8.0-rc.3",
    "nitropack": "npm:nitropack-edge@latest"
  }
}

Reproduction

https://stackblitz.com/edit/nuxt-authjs-reproduction

I keep getting: "Cannot read properties of undefined (reading 'trustHost')"

Trying with:

import { getServerSession } from '#auth'
const session = await getServerSession(event)

Describe the feature

getServerToken returns the token as a jwt object but sometimes its needed as a raw string
The getToken from authjs has a way to do this with getToken<true> as type parameters.
https://authjs.dev/reference/core/jwt#gettoken

Additional information

• Would you be willing to help implement this feature?

Environment

• Operating System: Darwin
• Node Version: v18.16.0
• Nuxt Version: 3.7.3
• CLI Version: 3.8.4
• Nitro Version: 2.6.3
• Package Manager: [email protected]
• Builder: -
• User Config: devtools, modules, ui, alias, authJs, runtimeConfig
• Runtime Modules: @nuxt/[email protected], @hebilicious/[email protected], vue-email/nuxt
• Build Modules: -

Reproduction

Full description of problem below

Describe the bug

I am making a call to getServerSession() in my API route, like this:

import { APIResponseData } from "~/server/utils/types";

import { prisma } from "../../../prisma/db";
import {
  GetUsersInputSchema,
  GlobalQueryResponseOutputSchemaInputType,
} from "~/server/utils/validators";
// import { getAuthSession } from "~/server/utils/admin";
import { getServerSession, getServerToken } from "#auth";
import { authOptions } from "../auth/[...]";

// import protectAdmin from "../../utils/validators/admin";

export default defineEventHandler(async (event) => {
  // await protectAdmin(event);
  const session = await getServerSession(event, authOptions);
  const jwt = await getServerToken(event, authOptions);

  console.log(session, jwt);

  return `API route`;
});

It throws this error:

[nuxt] [request error] [unhandled] [500] No Origin found ...
  at getServerOrigin (./node_modules/.pnpm/@[email protected]_@[email protected][email protected]/node_modules/@hebilicious/authjs-nuxt/dist/runtime/utils.mjs:15:11)
  at getServerToken (./node_modules/.pnpm/@[email protected]_@[email protected][email protected]/node_modules/@hebilicious/authjs-nuxt/dist/runtime/lib/server.mjs:47:19)
  at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
  at <anonymous> (./server/api/users/index.get.ts:17:1)
  at async Object.handler (./node_modules/.pnpm/[email protected]/node_modules/h3/dist/index.mjs:1630:19)
  at async Server.toNodeHandle (./node_modules/.pnpm/[email protected]/node_modules/h3/dist/index.mjs:1840:7)

I have set NEXTAUTH_SECRET and NEXTAUTH_URL in my .env.

And here is my nuxt.config.ts:

import { resolve } from "node:path";

// https://nuxt.com/docs/api/configuration/nuxt-config
export default defineNuxtConfig({
  devtools: { enabled: true },
  modules: ["@nuxt/ui", "@hebilicious/authjs-nuxt", "vue-email/nuxt"],
  ui: {
    icons: ["logos", "mdi"],
  },

  alias: {
    cookie: resolve(__dirname, "node_modules/cookie"),
  },

  //   Optional default config
  authJs: {
    baseUrl: process.env.NUXT_NEXTAUTH_URL, // should be something like https://www.my-app.com
    verifyClientOnEveryRequest: true,
    //   guestRedirectTo: "/", // where to redirect if the user is authenticated
    //   authenticatedRedirectTo: "/", // where to redirect if the user is not authenticated
  },
  runtimeConfig: {
    authJs: {
      secret: process.env.NUXT_NEXTAUTH_SECRET, // You can generate one with `openssl rand -base64 32`
    },
    discord: {
      clientId: process.env.NUXT_DISCORD_CLIENT_ID,
      clientSecret: process.env.NUXT_DISCORD_CLIENT_SECRET,
    },
    email: {
      senderAddress: process.env.NUXT_EMAIL_SENDER_ADDRESS,
      serverUsername: process.env.NUXT_EMAIL_SERVER_USERNAME,
      serverPassword: process.env.NUXT_EMAIL_SERVER_PASSWORD,
      serverHost: process.env.NUXT_EMAIL_SERVER_HOST,
      serverPort: Number(process.env.NUXT_EMAIL_SERVER_PORT),
    },
    google: {
      clientId: process.env.NUXT_GOOGLE_CLIENT_ID,
      clientSecret: process.env.NUXT_GOOGLE_CLIENT_SECRET,
    },
    organization: {
      name: process.env.NUXT_ORGANIZATION_NAME,
      domain: process.env.NUXT_ORGANIZATION_HOST_DOMAIN,
    },
    public: {
      authJs: {
        baseUrl: process.env.NUXT_NEXTAUTH_URL, // The URL of your deployed app (used for origin Check in production)
        verifyClientOnEveryRequest: true, // whether to hit the /auth/session endpoint on every client request
      },
    },
  },
});

I can't figure out why it's still throwing the error.

Additional context

No response

Logs

No response

Environment

• Operating System: Windows_NT
• Node Version: v18.16.0
• Nuxt Version: 3.7.3
• CLI Version: 3.8.4
• Nitro Version: 2.6.3
• Package Manager: [email protected]
• Builder: -
• User Config: devtools, modules, ui, alias, runtimeConfig
• Runtime Modules: @nuxt/[email protected], @hebilicious/[email protected], vue-email/nuxt
• Build Modules: -

Reproduction

none

Describe the bug

[auth][error][JWTSessionError]: Read more at https://errors.authjs.dev#jwtsessionerror

When ever I run the dev server. It worked initially now I get this error. Cannot figure out what we are doing wrong.

Additional context

JWEDecryptionFailed: decryption operation failed
    at gcmDecrypt (file:///C:/Users/tobychidi/Documents/GitHub/wissenschaft/wilventory/node_modules/.pnpm/[email protected]/node_modules/jose/dist/node/esm/runtime/decrypt.js:65:15)
    at decrypt (file:///C:/Users/tobychidi/Documents/GitHub/wissenschaft/wilventory/node_modules/.pnpm/[email protected]/node_modules/jose/dist/node/esm/runtime/decrypt.js:90:20)
    at flattenedDecrypt (file:///C:/Users/tobychidi/Documents/GitHub/wissenschaft/wilventory/node_modules/.pnpm/[email protected]/node_modules/jose/dist/node/esm/jwe/flattened/decrypt.js:140:27)
    at async compactDecrypt (file:///C:/Users/tobychidi/Documents/GitHub/wissenschaft/wilventory/node_modules/.pnpm/[email protected]/node_modules/jose/dist/node/esm/jwe/compact/decrypt.js:15:23)
    at async jwtDecrypt (file:///C:/Users/tobychidi/Documents/GitHub/wissenschaft/wilventory/node_modules/.pnpm/[email protected]/node_modules/jose/dist/node/esm/jwt/decrypt.js:5:23)
    at async Object.decode (file:///C:/Users/tobychidi/Documents/GitHub/wissenschaft/wilventory/node_modules/.pnpm/@[email protected]/node_modules/@auth/core/jwt.js:62:25)
    at async Module.session (file:///C:/Users/tobychidi/Documents/GitHub/wissenschaft/wilventory/node_modules/.pnpm/@[email protected]/node_modules/@auth/core/lib/routes/session.js:17:34)
    at async AuthInternal (file:///C:/Users/tobychidi/Documents/GitHub/wissenschaft/wilventory/node_modules/.pnpm/@[email protected]/node_modules/@auth/core/lib/index.js:29:33)
    at async Auth (file:///C:/Users/tobychidi/Documents/GitHub/wissenschaft/wilventory/node_modules/.pnpm/@[email protected]/node_modules/@auth/core/index.js:100:30)
    at <anonymous> (C:\Users\tobychidi\Documents\GitHub\wissenschaft\wilventory\node_modules\.pnpm\@[email protected]_@[email protected][email protected]\node_modules\@hebilicious\authjs-nuxt\dist\runtime\lib\server.mjs:23:22)

Logs

No response