Hello everyone,
I'm opening this issue to discuss extensibility for authentication and content authorization, as I'm facing a challenge with a custom setup.
In my Nuxt Content application, I use:
- Supabase for user authentication.
- A custom checkContentAccess(auth, user, 'write') function that checks an auth: { ... } object in the frontmatter to determine write permissions.
This creates a challenge for integrating Nuxt Studio:
- Authentication: Studio's auth is hard-coded to src/module/src/runtime/server/routes/auth/github.get.ts. How can we integrate a custom provider like Supabase?
- Authorization: The navigation API shows all files. I need to filter this tree to only show files the logged-in Supabase user has 'write' access to, based on my checkContentAccess function.
I was wondering what the recommended approach for this would be.
For Authentication (Problem 1):
Would a viable approach be to override the src/module/src/runtime/server/routes/auth/github.get.ts route? My idea is to create an "Auth Bridge":
This custom route would check for the app's Supabase session.
- If valid, it would manually create the studio-session.
- It would inject a "Bot" GitHub PAT (from env) into the githubToken field, just for Git operations, while populating the user's info (name, avatar) from Supabase.
Is this "Auth Bridge" principle sound, or is there a more planned/integrated way to support custom auth providers?
For Authorization (Problem 2):
Once the user is logged in, how can we filter the navigation tree on the server?
My checkContentAccess logic must run on the server for each file/folder. What would be the best way to "hook" into Studio's navigation API?
Would it be possible to introduce a feature like a content.filter option in nuxt.config.ts? This could point to a user-defined server function (e.g., studioContentFilter(item, event)) that Studio would call to determine if an item should be shown.
This would seem to require Studio's API to:
- Fetch the necessary frontmatter (e.g., auth).
- Import and execute this user-defined filter function.
Is this a direction you can consider, or is there another way to achieve server-side navigation filtering based on custom logic?
This extensibility seems crucial for apps with granular permissions.
Thanks for your consideration!
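
A sketch of the server-side filter proposed above, as an added example that is not part of the original issue and is not Nuxt Studio code. The tree shape, the `auth: { write: [...] }` frontmatter layout, `event.context.user`, the `filterNavigation` helper and the body of `checkContentAccess` are all assumptions; the filter denies by default when `auth` or the session is missing and strips `auth` from what it returns.

```javascript
// Stand-in for the app's own checkContentAccess; the rule set here is assumed.
function checkContentAccess(auth, user, action) {
  if (!auth || !user) return false; // default-deny: no auth block or no session
  const allowed = auth[action];
  if (!Array.isArray(allowed)) return false;
  const roles = user.roles || [];
  return allowed.includes(user.id) || roles.some((r) => allowed.includes(`role:${r}`));
}

// Filter with the signature proposed in the issue; event.context.user is assumed
// to have been set by the app's Supabase session middleware.
function studioContentFilter(item, event) {
  return checkContentAccess(item.auth, event?.context?.user, 'write');
}

// Hypothetical helper: prune a navigation tree on the server.
function filterNavigation(items, event, filter = studioContentFilter) {
  const out = [];
  for (const item of items) {
    const { auth, children, ...visible } = item; // never send auth to the client
    const isFolder = Array.isArray(children);
    // Files always need a grant; folders are gated only if they carry an auth block.
    if ((!isFolder || auth) && !filter(item, event)) continue;
    if (!isFolder) { out.push(visible); continue; }
    const kept = filterNavigation(children, event, filter);
    if (kept.length > 0) out.push({ ...visible, children: kept }); // drop empty folders
  }
  return out;
}

// Constructed sample tree (not real Studio output).
const sampleTree = [
  { title: 'Blog', path: '/blog', children: [
    { title: 'Post A', path: '/blog/a', auth: { write: ['u1'] } },
    { title: 'Post B', path: '/blog/b', auth: { write: ['role:admin'] } },
    { title: 'Draft', path: '/blog/draft' }, // no auth block: hidden from everyone
  ] },
  { title: 'Internal', path: '/internal', auth: { write: ['role:admin'] }, children: [
    { title: 'Runbook', path: '/internal/runbook', auth: { write: ['u1', 'role:admin'] } },
  ] },
];
```

With this tree, user `u1` sees only Post A: the Internal folder's own `auth` block gates the whole subtree, so the Runbook stays hidden even though `u1` is listed on it.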