General options shared with all strategies. See defaults.js for defaults.
Default:
redirect: {
login: '/login',
logout: '/',
callback: '/login',
user: '/'
}
login
: User will be redirected to this path if login is required.logout
: User will be redirected to this path if after logout, current route is protected.callback
: User will be redirect to this path by the identity provider after login. (Should match configuredAllowed Callback URLs
(or similar setting) in your app/client with the identity provider)user
: User will be redirected to this path after login and callback is processed. (rewriteRedirects
will rewrite this path)
Each redirect path can be disabled by setting to false
.
Also you can disable all redirects by setting redirect
to false
Auth tokens are stored in various storage providers (cookie, localStorage, vuex) on user login to provide a seamless auth experience across server-side rendering (SSR) and client-side rendering. Tokens are stored under with storage keys of the format: {storageProvider.prefix}{token.prefix}{strategy
}. See auth.js - Token helpers and storage.js for more details.
Default:
token: {
prefix: '_token.'
}
- prefix - Default prefix used in building a key for token storage across all storage providers.
Default:
localStorage: {
prefix: 'auth.'
}
- prefix - Default token prefix used in building a key for token storage in the browser's localStorage.
You can disable use of localStorage by setting localStorage
to false
, like so:
localStorage: false
Otherwise the auth token will be stored in localStorage at a default key of: auth._token.{provider}
.
Default:
cookie: {
prefix: 'auth.',
options: {
path: '/'
}
}
- prefix - Default token prefix used in building a key for token storage in the browser's localStorage.
- options - Additional cookie options, passed to js-cookie
set
andget
functions. See full details on options they support and their defaults here, which includes:path
- path where the cookie is visible. Default is '/'.expires
- can be used to specify cookie lifetime inNumber
of days or specificDate
. Default is session only.domain
- domain (and by extension subdomain/s) where the cookie is visible. Default is domain and all subdomains.secure
- sets whether the cookie requires a secure protocol (https). Default is false, should be set to true if possible.
Note: Using cookies is required for SSR requests to work with JWT tokens.
You can disable use of cookie storage by setting cookie
to false
, like so:
cookie: false
Otherwise the auth token will be stored in a cookie named by default as: auth._token.{provider}
.
If you have any nuxt plugin that depends on $auth
you have to specifiy it here instead of top-level plugins
option in nuxt.config.js
.
- Default:
false
If enabled, user will be automatically logged out if any error happens. (For example when token expired)
- Default:
true
If enabled, user will redirect back to the original guarded route instead of redirect.home
.
Default: false
If true, use the full route path with query parameters for redirect
- Default:
auth
Vuex store namespace for keeping state.
- Default:
scope
user
object property used for scope checking (hasScope
). Can be either an array or a object.