hey! in this repo, i see parameter 'redirect' in anonymous.js, and i think
redirect('/') is go to new page, in my own nuxt.js project, when i add this 'redirect' parameter, like
export default function( { context, redirect} ){}... , it will say "Cannot read property 'route' of undefined",Where is wrong? How do I do page jumps in middleware?

and sorry my for my poor english.

Problem

I try to follow the README.md and install the project locally. So i run npm install and it throws me the following error in the console:

npm install
npm WARN deprecated [email protected]: core-js@<3 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3.
npm ERR! Unexpected end of JSON input while parsing near '...4.0","lodash.uniq":"^'

npm ERR! A complete log of this run can be found in:
npm ERR!     /Users/enux/.npm/_logs/2020-01-29T12_48_51_713Z-debug.log

How to reproduce

Clone the repository:
git clone https://github.com/nuxt/example-auth0.git
cd example-auth0

Install the dependencies:
npm install

Solution proposal

The core-js dependency should be updated inside the package.json, package-lock.json and yarn.json.

Version

latest

Reproduction link

https://github.com/christianechevarria/example-auth0

Steps to reproduce

1. Clone the repo
2. Host on your favorite static hosting service (Netlify, Render) with environment variables set
3. Sign-in

What is expected ?

Vuex store updates with auth values

What is actually happening?

User is redirected to home and can't access auth protected routes, but when tries to sign-in is already signed-in

Additional comments?

This is likely related to this nuxt-community/auth-module#893 (see the note about SSG) but I wanted to add this as an issue in case anyone else runs into this problem.

• ~/config.json in ./utils/lock.js
• ~components/ForkThis in ./node_modules/babel-loader/lib?{"babelrc":false,"cacheDirectory":true,"presets":["E://private_projects//example-auth0//node_modules//babel-preset-vue-app//dist//index.common.js"]}!./node_modules/vue-loader/lib/selector.js?type=script&index=0&bustCache!./layouts/default.vue
• ~components/Navbar in ./node_modules/babel-loader/lib?{"babelrc":false,"cacheDirectory":true,"presets":["E://private_projects//example-auth0//node_modules//babel-preset-vue-app//dist//index.common.js"]}!./node_modules/vue-loader/lib/selector.js?type=script&index=0&bustCache!./layouts/default.vue
• ~components/SuperSecretDiv in ./node_modules/babel-loader/lib?{"babelrc":false,"cacheDirectory":true,"presets":["E://private_projects//example-auth0//node_modules//babel-preset-vue-app//dist//index.common.js"]}!./node_modules/vue-loader/lib/selector.js?type=script&index=0&bustCache!./pages/index.vue

To install them, you can run: npm install --save ~/config.json ~components/ForkThis ~components/Navbar ~components/SuperSecretDiv

When I execute the command“npm install”"npm run dev",What happened？

When trying to install dependencies with Yarn, the install command fails, because it cannot access some packages (the server returns 401 Unauthorized.) As far as I'm aware the failing packages are:

• [email protected] resolving to ()[https://repository.neo9.pro/content/groups/global-npm/auth0-lock/-/auth0-lock-10.15.1.tgz#905f94b06a24150d9f1e12bb55f1667b205a8a31];
• idtoken-verifier@^1.0.1 resolving to ()[https://repository.neo9.pro/content/groups/global-npm/idtoken-verifier/-/idtoken-verifier-1.0.1.tgz#7563af238dfbc5aa2995744c37bf01dea3ad08ab]

As you can see, the URLs point to https://repository.neo9.pro instead of NPM or Yarn repositories.

Removing yarn.lock and installing sort of fixes the problem, but it defeats the purpose of having a lock file in the first place. I think @Atinux was behind a proxy when he regenerated file in this commit: b40e16b

Easy to fix, submitting a PR.

Version

2.11.0

Reproduction link

https://auth0.nuxtjs.org/

Steps to reproduce

Example-Auth0 (https://github.com/nuxt/example-auth0)

I had copied this example repos to local and register like README setup file.

I still have no idea yet. But I'll try to research config in dev mode

What is expected ?

I want dev mode can open many tabs like pro mode

What is actually happening?

In dev mode, can not open more than 3 tabs browsers

Hi, Atinux
I am a sincere fan of nuxt
I wanna use firebase with nuxt to build my static page, but firebase don't have any token after doing below code

firebase.auth().signInWithEmailAndPassword(email, password).catch(function(error) {
  // Handle Errors here.
  var errorCode = error.code;
  var errorMessage = error.message;
  // ...
});

I can't see it return any token that I can save it to resume my status that has logged In. so I think about using auth0 and using auth0's delegation to generate a exchange token, and use this token to log in firebase, and save the exchange token to record my firebase status, so I add these code in your code

var lock = new Auth0Lock('YOUR-AUTH0-CLIENT-ID', 'YOUR-AUTH0-DOMAIN.auth0.com');
  var auth0 = new Auth0({ domain : 'YOUR-AUTH0-DOMAIN.auth0.com', clientID: 'YOUR-AUTH0-CLIENT-ID'})

  // Display the default lock widget
   lock.show();

  // listen to when the user gets authenticated and then save the profile
   lock.on("authenticated", function(authResult) {
      lock.getProfile(authResult.idToken, function(error, profile) {

        if (error) {
          // handle error
          return;
        }

        localStorage.setItem('profile', JSON.stringify(profile))

        // Set the options to retreive a firebase delegation token
        var options = {
          id_token : authResult.idToken,
          api : 'firebase',
          scope : 'openid name email displayName',
          target: 'YOUR-AUTH0-CLIENT-ID'
        };

        // Make a call to the Auth0 '/delegate'
        auth0.getDelegationToken(options, function(err, result) {
          if(!err) {
            // Exchange the delegate token for a Firebase auth token
            firebase.auth().signInWithCustomToken(result.id_token).catch(function(error) {
              console.log(error);
            });
          }
        });
      });
    });

but it can't achieve my goal, it seem lock.on() don't receive some events or function show() has exited before receiving some event. I have three questions , please give me some advice.

1. In nuxt, where can I write some code that can run or listen for some event all the time, like lock.on(), have some best practice ?
2. After logging In auth0 and having logged in firebase , I can get the auth0 access token and exchange token , but both of these have expiration second, default 3600s. I save these token to localsStorage and cookie, and depend on these token null or not-null to decide user whether logged in , but how can I judge these token whether has expired, where is best place to add these code, plugin or middleware or custom directory like utils ? I have a little puzzle.
3. I see you give some advice about using firebase with ssr like vue-hackernews 2.0 https://github.com/vuejs/vue-hackernews-2.0/blob/master/src/store/create-api-server.js
   I think about use process.__FIREBASE__ to save firebase instance, but I think it don't match nuxt philosophy, how to save it in my whole application

Auth0 Example is broken

When I try to clone and 'npm run dev' this project, it seems to build and launch just fine. But when I navigate to localhost:3000, I get the error "ReferenceError: window is not defined". The offending line of code is server-bundle.js line 3538, "const json = window.localStorage.user;". Call stack is:

server-bundle.js:3538:16 getUserFromLocalStorage
server-bundle.js:2341:185
server-bundle.js:1630:15 promisify
server-bundle.js:1609:10 middlewareSeries
server-bundle.js:1125:72

How can I make this work?

What problem does this feature solve?

test

npm run dev show up the following errors:
These dependencies were not found:

• core-js/modules/es6.regexp.to-string in ./.nuxt/client.js, ./.nuxt/utils.js
• core-js/modules/es7.promise.finally in ./.nuxt/client.js
• core-js/modules/es7.symbol.async-iterator in ./.nuxt/client.js, ./.nuxt/middleware.js and 1 other

To install them, you can run: npm install --save core-js/modules/es6.regexp.to-string core-js/modules/es7.promise.finally core-js/modules/es7.symbol.async-iterator

I use node 10.12, npm 6.4.1 on Windows 10 and the original package.json

When I try to clone and 'npm run dev' this project, it seems to build and launch just fine. But when I navigate to localhost:3000, I get the error "ReferenceError: window is not defined". The offending line of code is server-bundle.js line 3538, "const json = window.localStorage.user;". Call stack is:

server-bundle.js:3538:16 getUserFromLocalStorage
server-bundle.js:2341:185
server-bundle.js:1630:15 promisify
server-bundle.js:1609:10 middlewareSeries
server-bundle.js:1125:72

I edit custom in uniserval login auth0 test preview that work , But in project not work login form still show original . What wrong ?

在我的iphone下测试，middlewire里面的内容并没有执行

This dependency was not found:

• ~/config.json in ./utils/lock.js
  it is misssing config.json

The link in the repo description points to a page that says

502 | An error occured with your deployment.

Best karfau

How to use token to implement auth this here without cookie at all ?

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository problems

These problems occurred while renovating this repository. View logs.

• WARN: Using npm packages for Renovate presets is now deprecated. Please migrate to repository-based presets instead.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• chore(deps): update all non-major dependencies (@nuxtjs/axios, dotenv, nuxt, nuxt-start)
• chore(deps): update dependency dotenv to v16
• chore(deps): update devdependency nuxt to v3
• Click on this checkbox to rebase all open PRs at once

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

What problem does this feature solve?

After clicking log out (use $auth.logout() ) under the hood, it only clears the storage token, etc.. on the browser but not the session from auth0 server therefore it still remains logged in

What does the proposed changes look like?

Log out completely from Auth0 server

The cookie approach can be very safe if done properly. Doing the following is fairly trivial:

• use httpOnly flag (prevents JavaScript access to cookie)
• use secure flag (only set cookie for https requests)
• Signed cookies (verify source of cookie)

This dependency was not found:

• ~/config.json in ./utils/lock.js

请问怎么解决？

Hi
Can we update the example to the latest build of Nuxt. the example is 4 months old and Nuxt is evolving very rapidly.

why？

npm run dev show up the following errors:
ERROR Cannot find module 'webpack/lib/RequestShortener'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:594:15)
at Function.Module._load (internal/modules/cjs/loader.js:520:25)
at Module.require (internal/modules/cjs/loader.js:650:17)
at require (internal/modules/cjs/helpers.js:20:18)
at Object. (node_modules\terser-webpack-plugin\dist\index.js:16:48)
at Module._compile (internal/modules/cjs/loader.js:702:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:713:10)
at Module.load (internal/modules/cjs/loader.js:612:32)
at tryModuleLoad (internal/modules/cjs/loader.js:551:12)
at Function.Module._load (internal/modules/cjs/loader.js:543:3)

Hello, where to get token for backend calls?

I have get this error when I try access auth routes:

on app: Invalid token specified
An error occurred while rendering the page. Check developer tools console for details.

on terminal:
nuxt:render Rendering url /auth/signed-in +0ms
context.isServer has been deprecated, please use process.server instead.
nuxt:render Data fetching /auth/signed-in: 30ms +0ms
nuxt:render Rendering url / +10s
context.isServer has been deprecated, please use process.server instead.
nuxt:render Data fetching /: 1ms +9s
nuxt:render Rendering url /auth/signed-in +19s
context.isServer has been deprecated, please use process.server instead.
nuxt:render Data fetching /auth/signed-in: 1ms +19s

Someone have any idea?
Thanks.

https://auth0.nuxtjs.org/

While you are working with middleware, I find that Windows objects are invoked. I wonder what you configured.
Could you help me use windows objects?

Hi, i wasn't able to run the example until i changed the following

• replaced ~components with ~/components
• changed state from object to a function

These helped to run the app. However, there was a persistent error when i tried to sign in with Auth0. All methods (Fb, username) responded with an error (token is not valid).

I managed to get the app working by disabling OIDC Conformant in my auth0 settings.

Although it's working now, are there any experts that can point out if there are any potential problems in future?

Looking for vuetify gui for auth-lock.

When link on sign-in
Something went wrong. Please contact technical support.
I get I should ask question auth0/auth0.js

There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.

Error type: Cannot find preset's package (@nuxtjs)

Hi,

Looking at the live demo, I'm able to fetch https://auth0.nuxtjs.org/_nuxt/4.nuxt.bundle.44ee0eecf0cba54387c9.js without having signed into Auth0
(I'm not sure if the actual URL will change but basically this file contains the content of secret page).

I've only just heard about Nuxt.js so I might be missing something, but it seems to me like you're only doing client-side authentication in this example? Is this by design? I would argue that this not secure at all.

Could you update the example to include how to protect the end-point (/_nuxt/4.nuxt.bundle.44ee0eecf0cba54387c9.js) against unauthorized requests?

I also had a look at https://nuxtjs.org/examples/auth-routes/. Unfortunately, it suffers from the same issues - I am able to fetch https://nuxt-auth-routes.glitch.me/_nuxt/1.nuxt.bundle.js without being authenticated.

Thanks

Press the 'reload' button on your web browser to refresh the site and vuex empty

Do I understand correctly that you do not check the JWT tokens for the validity of the signature? Judging by the source code, the username is simply retrieved from the token. And whether it was signed by Auth0 or not - there is no verification.

If this is the case, there to be needed a note about this in the README of this example. Otherwise, many programmers will create work sites on the basis of this example, in which the authorization zone will be “hacked” with any Base64-encoded JWT issued by any script.

Anybody knows how to fix this?

Version

v4.8.5

Reproduction link

https://nuxt.federicod.dev/

Steps to reproduce

1. git clone https://github.com/nuxt/example-auth0.git;
2. set Auth0 domain and client_id into nuxt.config.js (I am not using the .env file as it seems to me that it doesn't get embedded in the SPA after running npm run build)
3. set mode: spa
4. nuxt build
5. deploy the dist folder
6. access the website and try to login with [email protected]; Demo1@23
7. after the callback URL is opened, it stays stuck there

On a more complicated platform I am developing, some API calls that are made on the callback URL to populate a Vuex store all yields unauthorized error, meaning that the token doesn't get stored at all.

When running example-auth0 and the application I am developing in development mode with npm run dev, everything works fine. So I suppose that something goes wrong only after running the build command.

What is expected ?

I expect the callback URL to be opened and the token received stored.

What is actually happening?

The SPA stays stuck at the callback URL and no token is stored.

Additional comments?

Webserver: Caddy
Configuration:

nuxt.federicod.dev {
        root /root/dev/example-auth0/dist
}

No errors are shown in the console.

Why don't you use '@nuxtjs/auth' ?
I can't see it in packages.json whereas in this website : https://auth.nuxtjs.org/getting-started/setup It says you need it.

related to this issue: auth0/lock#809

I want to make jumps with parameters but not query parameters.
exp:

middleware -> auth.js

import _ from 'lodash'

export default function(ctx) {
  if (!_.isEmpty(ctx.store.state.user)) {
    ctx.redirect({ name: 'index', query: { message: 'your login...' } })
  }
}

If you use the query parameters, the message will always exist when the user refreshes

Was wondering if you could take a quick look at the code for nuxt 2.0.0. It doesn't work anymore :-/