-
-
Notifications
You must be signed in to change notification settings - Fork 172
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is there a way to make authenticated requests out of the box? #688
Comments
The docs say you have to pass the cookie explicitly for SSR, but it works without. I think Nuxt changed the default. In the api, you can get the session or token with the composables, and you have enough to know who is making the call. |
This is exactly the issue, I've used Nuxt Auth to sign in and get session data from an external API, but then I need to make requests like edit profile info and similar requests that need a valid token, so a composable provided by useAuth to make authenticated requests would be very helpful in such cases. (I'm working on implementing this now but let me know if there's a better solution to this). |
I store the info/token from the external system in the nuxt auth token. Every call to the external API goes to Nuxt server routes (nitro). This is to keep the API key to the external service secret. If you want to do that, here's something to get you started: // ./server/middleware/set-auth-context.ts
import type { Session } from "next-auth";
import type { JWT } from "next-auth/jwt";
import { getServerSession, getToken } from "#auth";
declare module "h3" {
interface H3EventContext {
authSession: Session | null;
authToken: JWT | null;
backendAccessToken: string | null;
}
}
export default defineEventHandler(async (event) => {
if (event.path.startsWith("/_")) {
return;
}
const session = await getServerSession(event);
event.context.authSession = session;
const token = await getToken({ event: event });
event.context.authToken = token;
event.context.backendAccessToken
= token?.customUserData.backendAccessToken ?? null;
}); This is using graphql codegen under the hood. export function useExternalService(event?: H3Event | null, accessToken?: string) {
const { GRAPHQL_API_KEY } = useRuntimeConfig();
const userAccessToken = accessToken ?? event?.context.backendAccessToken;
const headers: Record<string, string> = {
apiKey: GRAPHQL_API_KEY,
};
if (userAccessToken) {
headers.Authorization = `Bearer ${userAccessToken}`;
}
const client = new GraphQLClient("https://your-external-service.com", {
headers: headers,
});
return getSdk(client, loggingWrapper);
} |
I was thinking something more like this which is just a fetch method provided by useAuth composable that automatically adds Authorization header if a token exists. |
Describe the feature
I successfully managed to log in with Nuxt Auth!
Now I want to query my API from the client with a REST request using the
Authentication: Bearer token
header.I know Nuxt-Auth does this under the hood to get the context, right after logging in.
Does Nuxt Auth also provide a way to make our own authenticated requests? In the docs we have this example:
Is this all? Is there a composable, or is this out of this library's scope? Is this the recommended way to make authenticated requests within the whole application?
Thank you
How would you implement this?
No response
Additional information
Provider
The text was updated successfully, but these errors were encountered: