New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(core): support server set cookies #333
Conversation
Now the server can set cookies in the response.
I also encountered this issue! |
+1 should be fixed |
This is an elegant solution to the problem I am having with users getting logged out because the token has changed server side but is not synced with the client. |
I have found some potential problems with this PR:
I need to pass several cookies back to the client, so I am thinking of setting them in nuxtServerInit instead. |
@sambrezo Thank you for the feedback! I have fixed the overwrite issue, and added options. What do you mean by with |
Hey @MathiasCiarlo, Regarding 1) I think the issue might still persist. The problem that I see is when you call Would be nice to have one of the other contributors comment on the decision whether to support server cookies at all. |
I |
I've added support for unsetting ssr cookies. The only thing remaining is to think about cookie options (link to docs). In an earlier commit, I did a simple implementation, but @sambrezo told me the options used in js-cookie are a little different than my implementation. Do we have to include options ssr, and if so, please help me out in how we can serialize js-cookie options with the current implementation :) |
Hi @MathiasCiarlo. I've proposed #360 to backport universal-storage improved storage into auth module. Would you please have a review on it? I think the difference with this PR is that here we support multiple |
Great @pi0, I'll have a look tonight :) |
@pi0 Have looked at your PR. Many nice changes, but we definitely need the multiple Set-Header calls. How can we combine the PRs? Can I raise a new PR, branched out from your branch? :) |
This fixes the issue that arises when trying to access a protected path directly(the first request to the website). The middleware tries to save the attempted, protected path to storage, so that we can redirect to the path after login. The problem was that the "auth.redirect" cookie was not set when the middleware was run server side. This PR supports cookies set server side and should fix #332, fixes #326 and fixes #134.