-
Notifications
You must be signed in to change notification settings - Fork 927
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authentication does not occur after callback on statically generated nuxt site #299
Comments
Having the same issue. Any update on this? |
I had some thoughts on this, but haven't had a chance to verify. I wonder if this is failing because the Github endpoint for creating the OAuth access token doesn't support CORs. I'd imagine this only fails with static sites because in universal mode the server-side part of Nuxt is handling the token callback. If this is the issue, the only solution would be to override the |
I have investigated it a little bit. I'm not using GitHub, but Social, so not sure if this applies to GitHub as well, but I guess it should. First of all, what strikes me as odd is that I have alternating results when trying to log in repeatedly and I can reproduce it 100% of the time. The first login attempt fails with a CORS problem on trying to access the When I then try to log in again without reloading the page, I'm being forwarded as usual to my IdP, can login, and the callback is performed. However, as described in the original post, the authentication then stalls on the callback. Nothing about any CORS error whatsoever. These two patterns keep alternating no matter how many times I try, and reset once I reload the page. |
I've dug a little deeper and am pretty sure that it has nothing to do with CORS. First of all, my problem with the alternating pattern was simply caused by an old cookie when I ran the app in non-static mode. In incognito mode it does not occur. It's still a very strange behavior and definitely not correct, but anyway. As for CORS: to make sure that it has nothing to do with it, I set up a local Docker environment with Keycloak, Nuxt, and a Nginx reverse proxy to serve the static files and proxy requests to Keycloak. I also set it up to add CORS headers. This solved the problem of the Unless I screwed something up with setting all of that up, it should have no relation to CORS. I feel like that some necessary JS is simply not executed, or that the store, which holds the auth state, is not working in static mode. However I'm only guessing here... |
I finally got it working on my side. In nuxt.config.js I had to switch the mode from Universal to SPA. After that I re-ran generate and it started working. Simple as that. I must say I'm pretty confused as to why that is working because I thought that the mode should make no difference when generating static pages, but there it is. |
@dominikmontada Thank you! My $auth.$state.loggedIn value always return false after refresh the page when the user already logged in. So I did what you mentioned, changed to "universal" to "spa", then generate again, and finally got it working! Thanks :) But now there's the doubt why is this happening on universal? |
Ran into this also — tried various methods to persist state on page refresh figuring that was the problem, but the only thing that worked for me as well to get the authentication middleware to properly work when logged in was changing from "universal" to "spa." |
I'm unfortunately getting this issue with a new nuxt install and auth module for Google oauth. Works great when running dev, but build and generate loop me back to login on both my local machine and netlify. I already had my nuxt.config.js set to 'spa' instead of 'universal' which has me wondering what could be wrong here. 🤔 Any help would be greatly appreciated! |
Using |
Hi,
I have this both on my own code and when using the Using After searching into the code, I found this : https://github.com/nuxt-community/auth-module/blob/dev/lib/schemes/oauth2.js#L131-L134 If someone has this working, is it possible to publish it on a repo ? 🙏 Thanks |
Ok so I got it working by using the module with version 4.7.0 (2 months ago).
A short term solution, waiting to understand more why it cannot be used anymore with static mode. See this line https://github.com/nuxt-community/auth-module/blob/dev/lib/schemes/oauth2.js#L131-L134 |
I got the same problem. versionv4.8.1 nuxt.config.jsmode |
@atinux Can you help here? You introduced the code that causes this in #381 auth-module/lib/schemes/oauth2.js Lines 131 to 134 in ea08d39
|
I've created a PR/branch which fixes this for me, and a PR in #452. While we're waiting for that to get merged, you can use it in your sites with
|
It's not working at my side (npm run generate): Im using the auth0 provider, after the callback i check if the user is logged in. This always returns false, im then getting redirect back to auth0 to login (which i am). |
Also having the same issue, and I think I found the code to blame. The trailing slash shoud be removed (or added to the redirect callback option?) So the callback handler will fail for sure: https://github.com/nuxt-community/auth-module/blob/dev/lib/schemes/oauth2.js#L128 Will test a bit more and will try to make a PR. A quick workaround without a PR and new release needed is to add a trailing slash to the There's also another bug and unrelated to this it seems. When the website is statically generated, the callback endpoint doesn't change the strategy automatically (ie, it keeps the |
I see this issue is closed, but something is clearly not working properly.
I'm building a new app on Netlify and trying to use a simple Github auth config and it has the same redirect loop issue I referenced here when being built in both spa and universal mode. |
@montoulieu check my comment above. You might be able to fix it by making sure you add a trailing slash to your endpoint. Without that, it worked with |
Thanks for the advice @rasgo-cc, unfortunately I'm still getting the same redirect loop behavior that takes me back to my login page. The auth state also has a user of null with false for logged in. Pretty frustrating. |
I have the same problem and I dont understand how to implement your solution @rasgo-cc |
Actually GitHub auth is not supported yet on static generation since it need a serverMiddleware to generate the access token based on a secret key. |
Any way we can get this out of a closed status until that's working? |
I stumbled upon the same issue (being stuck at the callback page). After reading everything I'm still a hella lot confused on the flow and decisions made to block the authentication flow. What should be done if one wants to deploy an SPA with Auth? |
@maxiride |
I'll give it a try. Is there also any difference in deploying with |
I'm experiencing same problem after deploying a generated SPA on GitLab Pages. It tends to redirect all URLs to one with trailing |
@mohamnag Unfortunately after browsing a lot of similar issues I am getting the idea that this module isn't exactly production ready. Even the fixes implemented in the PR mentioned above fixed it for some and didn't for others. |
handling authentication is in nature pretty complex specially if you are going to handle lots of providers. OAuth tries to unify but still leaves lots of space for diversity. But honestly, a trailing slash should not be among long lasting problems. I'm not confidence enough in Vue related things but this should be a simple check to fix. |
My solution was to move my app from Netlify to Heroku. I changed the mode to universal and now although out of my favorite hosting company, I benefit from SSR. =) And the auth module is working like a charm. |
Can confirm that had the same issue, callback redirect worked like a charm in dev, but when uploaded to Netlify, it didn't redirect. There has got to be a fix for this, it's a ridiculous thing to try and hunt down, took me 2 hours of googling to get to this thread! |
Hey, I'm experiencing this very same issue with static site generation:
I tried the trailing slash and didn't work either. |
Hello there, experiencing the exact same issue. No way to get a Google Auth working in
|
Since we don't have your authentication setup, it's almost impossible for us to track this down. We need your help. Please either post a repro (e.g. on codesandbox), or stick a breakpoint in the execution and debug the root cause. |
I got similar issue fixed by changing token url
hope it helps someone. thankyou. |
I had a similar issue caused by the trailing To make the nuxt auth module work I had to define both the redirect callback option and the redirectUri in the nuxt.config.ts:
When I tried to put just Hence I had to define both the full redirectUri and the redirect.callback path (not sure if the redirect.callback needs the trailing slash to work or not). I hope this helps someone. |
My oauth2 flow with |
It's never too late, I was able to solve it but my case is with SSR: true, my problem is similar except that it happened in some Samsung browsers where logging with Google worked always the first time. But when I entered and left several times it stopped working. Debugging i saw auth write cookies with the Bearer token but inmediatly set all auth to false. What I did was disable autoFetch in Google's config.
in my backend I returned the user and token. |
Version
v4.5.1
Reproduction link
https://github.com/nuxt-community/auth-module
Steps to reproduce
Set a valid github key/secret in the nuxt config for the demo example.
Use
nuxt generate
to produce a static build.Run
http-server ./
in the dist folder.Try authenticate with github by going to /login and clicking the github button.
What is expected ?
The user should be authenticated after github redirects to the callback
What is actually happening?
Github redirects to /callback, but the user is not authenticated. The strategy in Vuex is reset to "local".
Additional comments?
This only effects static sites, I have not run into this issue when running the application normally. I have reproduced this in a private repo deployed to netlify as well.
The text was updated successfully, but these errors were encountered: