Version

latest

Reproduction link

https://github.com/christianechevarria/example-auth0

Steps to reproduce

1. Clone the repo
2. Host on your favorite static hosting service (Netlify, Render) with environment variables set
3. Sign-in

What is expected ?

Vuex store updates with auth values

What is actually happening?

User is redirected to home and can't access auth protected routes, but when tries to sign-in is already signed-in

Additional comments?

This is likely related to this https://github.com/nuxt-community/auth-module/issues/893 (see the note about SSG) but I wanted to add this as an issue in case anyone else runs into this problem.

Hello everybody. I do authentication on nakst + django. When you try to log in, the page freezes. What could be the problem?
login.vue
<template>
<el-card shadow="always" :style="{ width: '500px' }">
<el-form :model="userData" :rules="rules" ref="form" @submit.native.prevent="logInUser" >

Login

        <el-form-item label="Email" prop="email">
            <el-input v-model.trim="userData.email" />
        </el-form-item>

        <div class="mb2">
            <el-form-item label="Пароль" prop="password">
                <el-input
                    v-model.trim="userData.password"
                    type="password"
                />
            </el-form-item>
        </div>

        <el-form-item>
            <el-button
                type="primary"
                native-type="submit"
                round
                :loading="loading"
                 @click="logInUser(userData)"
            >
                Войти
            </el-button>
        </el-form-item>
    </el-form>
</el-card>

</template>

middleware/admin-auth.js
export default function ({ store, redirect }) {
if (store.state.auth.loggedIn) {
return redirect('/admin/')
}
if (!store.state.auth.loggedIn) {
return redirect('/login')
}
}

store/index.js
export const getters = {
isAuthenticated(state) {
return state.auth.loggedIn
},

loggedInUser(state) {
    return state.auth.user
}

}

What problem does this feature solve?

After clicking log out (use $auth.logout() ) under the hood, it only clears the storage token, etc.. on the browser but not the session from auth0 server therefore it still remains logged in

What does the proposed changes look like?

Log out completely from Auth0 server

Hi, I wonder if this example is a best practice for other developers like me to refer to. From my testing, I can see that the token is not secured in the browser as below

How can I secure this cookie?

I already have everything set up and working on Auth0 side with a custom domain.
I tried to just change the domain on nuxt.config.js:

  auth: {
    redirect: {
      login: '/auth/login',
      callback: '/auth/signed-in'
    },
    fullPathRedirect: true,
    strategies: {
      local: false,
      auth0: {
        domain: 'customlogin.com',
        client_id: '------'
      }
    }
  }

But when I try to login I get this error from Auth0:
You should not be hitting this endpoint. Make sure to use the code snippets shown in the tutorial or visit support.auth0.com for help.

Auth0 also mention to add this to the configuration:

  overrides: {
      __tenant: config.auth0Tenant,
      __token_issuer: config.authorizationServer.issuer
  },

But I'm not sure where could I add this on NuxtJS.

Hey guys, firstly I want to say thank you for this awesome module.
My question is about to mock the $auth object when Internet is gone.
I tried some global nuxt objects but with no success. By the way, I am a beginner into Nuxt framework.
Thanks for this support.

[SOLVED] Hi, When I press log out of the "example-auth0" I am successfully being logged out of the application, but I'm not being logged out of Auth0. So when I press log in again it logged me in without asking for password or if I want to change user.

It's the exact same issue as reported here:
https://community.auth0.com/t/does-not-show-user-login-prompt-anymore-after-the-first-logging-in/16504 (it points to a solution, but how can we implement this into "example-auth0"?

Wanted result (alternative 1):
When I press logout of the "example-auth0" I should both be logged out of the application and the auth0. And when i press log in again it should ask for password. How can we make this happen?

Solution: Change the logout link to the following

href="https://AUTH0DOMAIN/v2/logout?returnTo=APPURL&clientid=AUTH0CLIENTID">Sign Off

Replace AUTH0DOMAIN and AUTH0CLIENT_ID with your credentials,
and replace APPURL with the link to your apps location on the web. Remember to include the APPURL in the APP settings in auth0.com under "Allowed Logout URLs"

Version

2.11.0

Reproduction link

https://auth0.nuxtjs.org/

Steps to reproduce

Example-Auth0 (https://github.com/nuxt/example-auth0)

I had copied this example repos to local and register like README setup file.

I still have no idea yet. But I'll try to research config in dev mode

What is expected ?

I want dev mode can open many tabs like pro mode

What is actually happening?

In dev mode, can not open more than 3 tabs browsers

Version

v4.8.5

Reproduction link

https://nuxt.federicod.dev/

Steps to reproduce

1. git clone https://github.com/nuxt/example-auth0.git;
2. set Auth0 domain and client_id into nuxt.config.js (I am not using the .env file as it seems to me that it doesn't get embedded in the SPA after running npm run build)
3. set mode: spa
4. nuxt build
5. deploy the dist folder
6. access the website and try to login with [email protected]; [email protected]
7. after the callback URL is opened, it stays stuck there

On a more complicated platform I am developing, some API calls that are made on the callback URL to populate a Vuex store all yields unauthorized error, meaning that the token doesn't get stored at all.

When running example-auth0 and the application I am developing in development mode with npm run dev, everything works fine. So I suppose that something goes wrong only after running the build command.

What is expected ?

I expect the callback URL to be opened and the token received stored.

What is actually happening?

The SPA stays stuck at the callback URL and no token is stored.

Additional comments?

Webserver: Caddy
Configuration:

nuxt.federicod.dev {
        root /root/dev/example-auth0/dist
}

No errors are shown in the console.

Should web or spa be used in auth0 with a Nuxt Universal app ?

Do I understand correctly that you do not check the JWT tokens for the validity of the signature? Judging by the source code, the username is simply retrieved from the token. And whether it was signed by Auth0 or not - there is no verification.

If this is the case, there to be needed a note about this in the README of this example. Otherwise, many programmers will create work sites on the basis of this example, in which the authorization zone will be “hacked” with any Base64-encoded JWT issued by any script.

Problem

I try to follow the README.md and install the project locally. So i run npm install and it throws me the following error in the console:

npm install
npm WARN deprecated [email protected]2.6.11: [email protected]<3 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of [email protected]3.
npm ERR! Unexpected end of JSON input while parsing near '...4.0","lodash.uniq":"^'

npm ERR! A complete log of this run can be found in:
npm ERR!     /Users/enux/.npm/_logs/2020-01-29T12_48_51_713Z-debug.log

How to reproduce

Clone the repository:
git clone https://github.com/nuxt/example-auth0.git
cd example-auth0

Install the dependencies:
npm install

Solution proposal

The core-js dependency should be updated inside the package.json, package-lock.json and yarn.json.

Looking for vuetify gui for auth-lock.

I want to make jumps with parameters but not query parameters.
exp:

middleware -> auth.js

import _ from 'lodash'

export default function(ctx) {
  if (!_.isEmpty(ctx.store.state.user)) {
    ctx.redirect({ name: 'index', query: { message: 'your login...' } })
  }
}

If you use the query parameters, the message will always exist when the user refreshes

Nothing to preview

From my understanding, there are three parts involved in a website:

• Client (Browser)
• Nuxt Server (For SSR)
• Backend Server (For API)

I understand that localStorage cannot be used for storing JWT token, cookie needs to be used.
But I don't understand if this is the cookie for Client -> Nuxt communication, or Nuxt -> Backend communication.
And if on the Backend Server(API), I used httpOnly, can I still use the cookie in the Nuxt Server to store the data?
From my understanding, it should not be since Nuxt is the middle layer for rendering. If it is so, what is the way to correctly store JWT?

Another confusion raised from this is, for nuxtServerInit, the { req } param, is this the request from Client -> Nuxt or Nuxt -> Backend?

Sorry for all these questions, I searched a lot online but can't seem to find answers to these questions which I belive will help others as well.
Thanks for the help.

No parser and no filepath given, using 'babel' the parser now but this will throw an error in the future. Please specify a parser or a filepath so one can be inferred.

I have tried a lot of methods and can't solve it. Ask for help.

What problem does this feature solve?

test