fix: important to set sameSiteAttribute to lax for refresh
dommi10 committed Nov 22, 2023
1 parent cd52d3b commit 6b37b4d
Showing 3 changed files with 2 additions and 24 deletions.
1 change: 1 addition & 0 deletions playground-refresh/nuxt.config.ts
Expand Up @@ -16,6 +16,7 @@ export default defineNuxtConfig({
token: {
signInResponseTokenPointer: "/token/accessToken",
maxAgeInSeconds: 60 * 5, // 5 min
sameSiteAttribute: "lax",
},
refreshToken: {
signInResponseRefreshTokenPointer: "/token/refreshToken",
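Review bot: The new `sameSiteAttribute: "lax"` in the `token` block has no comment saying why the refresh flow depends on it, so a later hardening pass could switch it to `"strict"` and, presumably, break the server-side refresh, which in `refresh-token.server.ts` only runs when both `refreshToken.value` and `token.value` are set. I would add a comment such as `// "lax": the token cookie must reach the server on top-level navigations so the refresh plugin sees it; never loosen to "none"`. The same commit drops the hard-coded `sameSite: "lax"` token cookie from `useAuthState.ts`, so this config key now appears to be the only place the attribute is chosen for the access token; it is worth confirming that the module's default when the key is omitted is not weaker. The `refreshToken` block continues past the hunk, so whether it sets its own SameSite value cannot be seen here.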
24 changes: 0 additions & 24 deletions src/runtime/composables/refresh/useAuthState.ts
Expand Up @@ -7,8 +7,6 @@ import { useRuntimeConfig, useCookie, useState } from "#imports";
type UseAuthStateReturn = ReturnType<typeof useLocalAuthState> & {
rawRefreshToken: CookieRef<string | null>;
refreshToken: ComputedRef<string | null>;
rawToken: CookieRef<string | null>;
token: ComputedRef<string | null>;
};

export const useAuthState = (): UseAuthStateReturn => {
Expand All @@ -24,47 +22,25 @@ export const useAuthState = (): UseAuthStateReturn => {
}
);

// Re-construct state from cookie, also setup a cross-component sync via a useState hack, see https://github.com/nuxt/nuxt/issues/13020#issuecomment-1397282717
const _rawTokenCookie = useCookie<string | null>("auth:token", {
default: () => null,
maxAge: config.token.maxAgeInSeconds,
sameSite: "lax",
});

const rawRefreshToken = useState(
"auth:raw-refresh-token",
() => _rawRefreshTokenCookie.value
);

const rawToken = useState("auth:raw-token", () => _rawTokenCookie.value);

watch(rawRefreshToken, () => {
_rawRefreshTokenCookie.value = rawRefreshToken.value;
});

watch(rawToken, () => {
_rawTokenCookie.value = rawToken.value;
});

const refreshToken = computed(() => {
if (rawRefreshToken.value === null) {
return null;
}
return rawRefreshToken.value;
});

const token = computed(() => {
if (rawToken.value === null) {
return null;
}
return rawToken.value;
});

const schemeSpecificState = {
refreshToken,
rawRefreshToken,
rawToken,
token,
};

return {
1 change: 1 addition & 0 deletions src/runtime/server/plugins/refresh-token.server.ts
Expand Up @@ -7,6 +7,7 @@ export default defineNuxtPlugin({
async setup(nuxtApp) {
const { rawToken, rawRefreshToken, refreshToken, token, lastRefreshedAt } =
useAuthState();

if (refreshToken.value && token.value) {
const config = nuxtApp.$config.public.auth;
const configToken = useTypedBackendConfig(useRuntimeConfig(), "refresh");
