-
-
Notifications
You must be signed in to change notification settings - Fork 127
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve middleware to fully abort a navigation when the server-side auth check failed #100
Comments
This is actually a Nuxt 3 problem and not a As soon as Nuxt 3.1.0 is released (appearently this december), this issue should be fixed. Leaving it open until then. |
It is not a Nuxt 3 problem! The problem occurs when you use your own custom login page. The current middleware does not cover this case. I solved the problem with my own middleware
One approach could be as follows, but I have no idea how to get the settings for the "pages" that are defined in the NuxtAuthHandler
|
Hey @endorfin! Thanks for the headsup, will look into this ASAP and release a fix if possible (: |
Heya @endorfin 👋 I think you may be describing a different issue: You talk about re-directs to custom login pages, but the issue is about short visibility of protected pages. AFAIU your issue could be resolved via a new condfiguration option that allows you to specify custom login pages that the global auth middleware knows of. Do you want to open a new issue for that? |
No, I had exactly that problem. I created a custom login page, specified it in the NuxtAuthHandler and enabled GlobalAppMiddleware in nuxt.config. If you are not logged in, all content of the protected pages are visible for a short time before redirecting to the login page. But as I said, the problem only occurs with a custom login page. I suspect that the method "signIn" does not return the correct value and the RouteMiddleware does not stop and display the page. Later the "signIn" method redirects to the login page. |
|
I'm actually able to reproduce it with both our playground and our demo-app that do not have custom login pages. Test it out here: https://nuxt-auth-example.sidebase.io/ Clicking "globally protected" there you will shortly see the page content before going to the standard log in page of the module. Plus: browbeat did not report having a custom login page, you first brought this up. Not saying that there's not an improvement to be made for the cust-page redirect, but just saying that this is two different problems:
|
It's all about the return value in the defineNuxtRouteMiddleware ;)
is not valid and blocks not the navigation |
Hm, under the hood
This however gives me a lead to look into: See if problem is resolved by returning |
Investigated: We can resolve this by This issue was resolved via 0568254 🎊 Release will happen soon (: |
Describe the feature
Browbeat on discord reported that components still shortly flash to the end-user even iof the auth middleware detected that the user is not logged in. It's the expectation that we should be able to navigate away on the server side, so that the content is not visible to the end-user.
Additional information
No response
The text was updated successfully, but these errors were encountered: