feat: added token, refreshToken cookieName option (#654)

* feat: token,refreshTokens custom cookieName with options * docs: custom cookieName with options in ProviderLocal,ProviderRefresh * typo * Change the default delimiter for cookieName from : to . * typo --------- Co-authored-by: Zoey <[email protected]>
sidebase · Feb 29, 2024 · aed6069 · aed6069
1 parent 7a4ee79
commit aed6069
Show file tree

Hide file tree

Showing 5 changed files with 40 additions and 2 deletions.
diff --git a/docs/content/2.configuration/2.nuxt-config.md b/docs/content/2.configuration/2.nuxt-config.md
@@ -193,6 +193,13 @@ type ProviderLocal = {
      * @example Beer
      */
     type?: string,
+    /**
+     * It refers to the name of the property when it is stored in a cookie.
+     *
+     * @default auth.token
+     * @example auth._token
+     */
+    cookieName?: string,
     /**
      * Header name to be used in requests that need to be authenticated, e.g., to be used in the `getSession` request.
      *
@@ -323,6 +330,13 @@ type ProviderRefresh = {
      * @example Beer
      */
     type?: string,
+    /**
+     * It refers to the name of the property when it is stored in a cookie.
+     *
+     * @default auth.token
+     * @example auth._token
+     */
+    cookieName?: string,
     /**
      * Header name to be used in requests that need to be authenticated, e.g., to be used in the `getSession` request.
      *
@@ -365,6 +379,13 @@ type ProviderRefresh = {
      * @example /       Access the root of the sign-in response object, useful when your endpoint returns a plain, non-object string as the refreshToken
      */
     signInResponseRefreshTokenPointer?: string
+    /**
+     * It refers to the name of the property when it is stored in a cookie.
+     *
+     * @default auth.refresh-token
+     * @example auth._refresh-token
+     */
+    cookieName?: string,
     /**
      * Maximum age to store the authentication token for. After the expiry time the token is automatically deleted on the application side, i.e., in the users' browser.
      *

diff --git a/src/module.ts b/src/module.ts
@@ -52,6 +52,7 @@ const defaultsByBackend: {
     token: {
       signInResponseTokenPointer: '/token',
       type: 'Bearer',
+      cookieName: 'auth.token',
       headerName: 'Authorization',
       maxAgeInSeconds: 30 * 60,
       sameSiteAttribute: 'lax'
@@ -75,12 +76,14 @@ const defaultsByBackend: {
     token: {
       signInResponseTokenPointer: '/token',
       type: 'Bearer',
+      cookieName: 'auth.token',
       headerName: 'Authorization',
       maxAgeInSeconds: 5 * 60,
       sameSiteAttribute: 'none' // 5 minutes
     },
     refreshToken: {
       signInResponseRefreshTokenPointer: '/refreshToken',
+      cookieName: 'auth.refresh-token',
       maxAgeInSeconds: 60 * 60 * 24 * 7 // 7 days
     },
     sessionDataType: { id: 'string | number' }

diff --git a/src/runtime/composables/local/useAuthState.ts b/src/runtime/composables/local/useAuthState.ts
@@ -19,7 +19,7 @@ export const useAuthState = (): UseAuthStateReturn => {
   const commonAuthState = makeCommonAuthState<SessionData>()
 
   // Re-construct state from cookie, also setup a cross-component sync via a useState hack, see https://github.com/nuxt/nuxt/issues/13020#issuecomment-1397282717
-  const _rawTokenCookie = useCookie<string | null>('auth:token', { default: () => null, maxAge: config.token.maxAgeInSeconds, sameSite: config.token.sameSiteAttribute })
+  const _rawTokenCookie = useCookie<string | null>(config.token.cookieName, { default: () => null, maxAge: config.token.maxAgeInSeconds, sameSite: config.token.sameSiteAttribute })
 
   const rawToken = useState('auth:raw-token', () => _rawTokenCookie.value)
   watch(rawToken, () => { _rawTokenCookie.value = rawToken.value })

diff --git a/src/runtime/composables/refresh/useAuthState.ts b/src/runtime/composables/refresh/useAuthState.ts
@@ -14,7 +14,7 @@ export const useAuthState = (): UseAuthStateReturn => {
   const localAuthState = useLocalAuthState()
   // Re-construct state from cookie, also setup a cross-component sync via a useState hack, see https://github.com/nuxt/nuxt/issues/13020#issuecomment-1397282717
   const _rawRefreshTokenCookie = useCookie<string | null>(
-    'auth:refresh-token',
+    config.refreshToken.cookieName,
     {
       default: () => null,
       maxAge: config.refreshToken.maxAgeInSeconds,

diff --git a/src/runtime/types.ts b/src/runtime/types.ts
@@ -138,6 +138,13 @@ export type ProviderLocal = {
      * @example Beer
      */
     type?: string;
+    /**
+     * It refers to the name of the property when it is stored in a cookie.
+     *
+     * @default auth.token
+     * @example auth._token
+     */
+    cookieName?: string;
     /**
      * Header name to be used in requests that need to be authenticated, e.g., to be used in the `getSession` request.
      *
@@ -210,6 +217,13 @@ export type ProviderLocalRefresh = Omit<ProviderLocal, 'type'> & {
      * @example /       Access the root of the sign-in response object, useful when your endpoint returns a plain, non-object string as the token
      */
     signInResponseRefreshTokenPointer?: string;
+    /**
+     * It refers to the name of the property when it is stored in a cookie.
+     *
+     * @default auth.refresh-token
+     * @example auth._refresh-token
+     */
+    cookieName?: string;
     /**
      * Maximum age to store the authentication token for. After the expiry time the token is automatically deleted on the application side, i.e., in the users' browser.
      *