From 563976917a50b1b7fd136a963608bf947a18704b Mon Sep 17 00:00:00 2001 From: "laurens.dhondt@pauwelsconsulting.com" Date: Wed, 24 Jul 2024 10:43:13 +0200 Subject: [PATCH] https://github.com/sidebase/nuxt-auth/issues/721 --- starters/authjs-github/nuxt.config.ts | 24 ++++++ .../authjs-github/server/api/auth/[...].ts | 73 ++++++++++++------- 2 files changed, 72 insertions(+), 25 deletions(-) diff --git a/starters/authjs-github/nuxt.config.ts b/starters/authjs-github/nuxt.config.ts index f2ce886..f178c6d 100644 --- a/starters/authjs-github/nuxt.config.ts +++ b/starters/authjs-github/nuxt.config.ts @@ -6,6 +6,30 @@ export default defineNuxtConfig({ '@sidebase/nuxt-auth' ], auth: { + // @zoey-kaiser STEP_1: I've added github as defaultprovider. + // According to the documentation: + + // Select the default-provider to use when signIn is called. Setting this + // here will also affect the global middleware behavior. For instance, when + // you set it to github and the user is unauthorized, they will be directly + // forwarded to the Github OAuth page instead of seeing the app-login page. + + // @zoey-kaiser: OBSERVED BEHAVIOR: Clicking on a secured page with the defaultProvider + // correctly bypasses the app-login page. However, navigating directly to the page + // results in the "bug" described. + + // Since I want my entire application to be behind authentication, my app + // always redirects to the app-login page. This also leads to the following ERROR: + + // [nuxt] [request error] [unhandled] [500] The first argument must be of type string + // or an instance of Buffer, ArrayBuffer, Array, or an Array-like Object. Received + // an instance of URLSearchParams + + provider: { + type: 'authjs', + defaultProvider: 'github', + }, + globalAppMiddleware: { isEnabled: true, allow404WithoutAuth: true, diff --git a/starters/authjs-github/server/api/auth/[...].ts b/starters/authjs-github/server/api/auth/[...].ts index 40bff2a..3efc644 100644 --- a/starters/authjs-github/server/api/auth/[...].ts +++ b/starters/authjs-github/server/api/auth/[...].ts @@ -4,38 +4,61 @@ import { NuxtAuthHandler } from '#auth' export default NuxtAuthHandler({ secret: process.env.AUTH_SECRET, - pages: { - signIn: '/auth/signin' - }, + // @zoey-kaiser STEP_2: I've disabled the custom sign in page. + // According to the documentation: + + // Select the default-provider to use when signIn is called. Setting this + // here will also affect the global middleware behavior. For instance, when + // you set it to github and the user is unauthorized, they will be directly + // forwarded to the Github OAuth page instead of seeing the app-login page. + + // @zoey-kaiser: OBSERVED BEHAVIOR: Clicking on a secured page with the defaultProvider + // correctly bypasses the app-login page. However, navigating directly to the page + // results in the "bug" described. + + // Since I want my entire application to be behind authentication, my app + // always redirects to the app-login page. This also leads to the following ERROR: + + // [nuxt] [request error] [unhandled] [500] The first argument must be of type string + // or an instance of Buffer, ArrayBuffer, Array, or an Array-like Object. Received + // an instance of URLSearchParams + + // pages: { + // signIn: '/auth/signin' + // }, + providers: [ // @ts-expect-error You need to use .default here for it to work during SSR. May be fixed via Vite at some point GithubProvider.default({ clientId: process.env.GITHUB_CLIENT_ID, clientSecret: process.env.GITHUB_CLIENT_SECRET }), - // @ts-expect-error You need to use .default here for it to work during SSR. May be fixed via Vite at some point - CredentialsProvider.default({ - name: 'Credentials', - credentials: { - email: { label: 'Email', type: 'text', placeholder: '(hint: jsmith@auth.com)' }, - password: { label: 'Password', type: 'password', placeholder: '(hint: hunter2)' }, - }, - authorize(credentials: any) { - console.warn('ATTENTION: You should replace this with your real providers or credential provider logic! The current setup is not safe') - const user = { - name: 'J Smith', - email: 'jsmith@auth.com', - } - if (credentials?.email === user.email && credentials?.password === 'hunter2') { - return user - } - else { - console.error('Warning: Malicious login attempt registered, bad credentials provided') - return null - } - }, - }), + // @zoey-kaiser: This change doesn’t impact the observed behavior, but I’ve disabled + // the local provider for now. + + // CredentialsProvider.default({ + // name: 'Credentials', + // credentials: { + // email: { label: 'Email', type: 'text', placeholder: '(hint: jsmith@auth.com)' }, + // password: { label: 'Password', type: 'password', placeholder: '(hint: hunter2)' }, + // }, + // authorize(credentials: any) { + // console.warn('ATTENTION: You should replace this with your real providers or credential provider logic! The current setup is not safe') + // const user = { + // name: 'J Smith', + // email: 'jsmith@auth.com', + // } + + // if (credentials?.email === user.email && credentials?.password === 'hunter2') { + // return user + // } + // else { + // console.error('Warning: Malicious login attempt registered, bad credentials provided') + // return null + // } + // }, + // }), ], callbacks: { session({ session }) {