Skip to content

Commit

Permalink
fix: login/logout to not use the directus handler.
Browse files Browse the repository at this point in the history 
If you call login/logout with an expired token set, it will throw a 401.
  • Loading branch information
@codiam
codiam committed Apr 27, 2023
1 parent cb800ce commit 43e896e
Showing 1 changed file with 12 additions and 11 deletions.
23 changes: 12 additions & 11 deletions src/runtime/composables/useDirectusAuth.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ import { useDirectusToken } from './useDirectusToken'
export const useDirectusAuth = () => {
const config = useRuntimeConfig()
const directus = useDirectus()
const baseUrl = useDirectusUrl()
const user = useDirectusUser()
const { token, refreshToken, expires } = useDirectusToken()

Expand Down Expand Up @@ -69,14 +70,11 @@ export const useDirectusAuth = () => {
): Promise<DirectusAuthResponse> => {
removeTokens()

const response: { data: DirectusAuthResponse } = await directus(
'/auth/login',
{
method: 'POST',
body: data
},
useStaticToken
)
const response = await $fetch<{data: DirectusAuthResponse}>('/auth/login', {
baseURL: baseUrl,
body: data,
method: 'POST'
})

if (!response.data.access_token) { throw new Error('Login failed, please check your credentials.') }
setAuthCookies(response.data.access_token, response.data.refresh_token, response.data.expires)
Expand Down Expand Up @@ -130,10 +128,13 @@ export const useDirectusAuth = () => {
}

const logout = async (): Promise<void> => {
await directus('/auth/logout', {
method: 'POST',
body: { refresh_token: refreshToken.value }

await $fetch('/auth/logout', {
baseURL: baseUrl,
body: { refresh_token: refreshToken.value },
method: 'POST'
})

removeTokens()
setUser(null)
await fetchUser()
Expand Down

0 comments on commit 43e896e

Please sign in to comment.