-
-
Notifications
You must be signed in to change notification settings - Fork 171
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add documentation to refresh token schema
- Loading branch information
Showing
5 changed files
with
306 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -91,20 +91,69 @@ and return a token that can be used to authenticate future requests in the respo | |
} | ||
``` | ||
|
||
### Provider: `refresh` | ||
|
||
The refresh provider does not require any additional steps, as it relies on an already existing backend. By default, the `refresh` provider will try to reach this backend using the following default-configuration: | ||
```ts | ||
{ | ||
baseURL: '/api/auth', | ||
endpoints: { | ||
signIn: { path: '/login', method: 'post' }, | ||
signOut: { path: '/logout', method: 'post' }, | ||
signUp: { path: '/register', method: 'post' }, | ||
getSession: { path: '/session', method: 'get' } | ||
refresh: { path: '/refresh', method: 'post' }, | ||
} | ||
} | ||
``` | ||
|
||
So when you call the `signIn` method, the endpoint `/api/auth/login` will be hit with the `username` and `password` you pass as a body-payload. You likely have to modify these parameters to fit to your backend - you can adjust these parameters in your `nuxt.config.ts` using the options [specified here](/nuxt-auth/v0.6/configuration/nuxt-config). | ||
|
||
Note: The backend can also be in the same Nuxt 3 application, e.g., have a look at this example in the `nuxt-auth` repository: | ||
- [full nuxt app](https://github.com/sidebase/nuxt-auth/tree/main/playground-refresh) | ||
- its [backend](https://github.com/sidebase/nuxt-auth/tree/main/playground-refresh/server/api/auth) | ||
- its [`nuxt.config.ts`](https://github.com/sidebase/nuxt-auth/blob/main/playground-refresh/nuxt.config.ts) | ||
|
||
::alert{type="info"} | ||
The linked example-implementation only serves as a starting-point and is not considered to be secure. | ||
:: | ||
|
||
The backend must accept a request with a body like: | ||
```ts | ||
{ | ||
username: '[email protected]', | ||
password: 'hunter2' | ||
} | ||
``` | ||
|
||
and return a token that can be used to authenticate future requests in the response body, e.g., like: | ||
```ts | ||
{ | ||
tokens: { | ||
accessToken: 'eyBlaBlub' | ||
refreshToken: 'eyBlaubwww' | ||
} | ||
} | ||
``` | ||
|
||
So when you call the `refresh` method, the endpoint `/api/auth/refresh` will be hit with the `refreshToken` you pass as a body-payload. You likely have to modify these parameters to fit to your backend - you can adjust these parameters in your `nuxt.config.ts` using the options [specified here](/nuxt-auth/v0.6/configuration/nuxt-config). | ||
|
||
## Finishing up | ||
|
||
That's it! You can now use all user-related functionality, for example: | ||
|
||
::code-group | ||
```ts [Application side] | ||
// file: e.g ~/pages/login.vue | ||
const { status, data, signIn, signOut } = useAuth() | ||
const { status, data, signIn, signOut, refresh } = useAuth() | ||
|
||
status.value // Session status: `unauthenticated`, `loading`, `authenticated` | ||
data.value // Session data, e.g., expiration, user.email, ... | ||
|
||
await signIn() // Sign in the user | ||
await refresh() // Refresh the token | ||
await signOut() // Sign out the user | ||
|
||
``` | ||
```ts [authjs: Server side] | ||
// file: e.g: ~/server/api/session.get.ts | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters