Need help with @sidebase/nuxt-auth local provider
When I try to set
httpOnly attribute to true for token and refreshToken in nuxt.config.ts file, the cookies for them are not showing up in the Cookies section in Application tab of chrome devtools. Due to this, on subsequent page refresh it is throwing me to login page again This is working perfectly fine for secureCookieAttribute when set to true.
Expected behavior: They should be visible with the HttpOnly column marked as tick in the Cookies section.2 Replies
Hi @Aniket Pawar. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
----------------------
Based on the information provided in the knowledge sources, I don't have enough specific details about the
@sidebase/nuxt-auth local provider or its configuration in nuxt.config.ts to directly address your issue. However, I can provide some general insights about HTTP-only cookies in Nuxt that might be helpful:
1. HTTP-only cookies are designed to be inaccessible to JavaScript, which is why they don't show up in the Application tab of Chrome DevTools. This is actually the expected behavior for security reasons.
2. The httpOnly attribute, when set to true, prevents client-side access to the cookie. As mentioned in the useCookie documentation (https://nuxt.com/docs/api/composables/use-cookie#httponly):
"Be careful when setting this to true, as compliant clients will not allow client-side JavaScript to see the cookie in document.cookie."
3. If you're using useCookie to set these cookies, make sure you're setting the httpOnly option correctly:
4. If the cookies are truly not being set (rather than just not visible in DevTools), you might want to check your server-side code to ensure the cookies are being properly set in the response headers.
5. For debugging, you can check the Network tab in DevTools instead. Look at the response headers for your API calls to see if the Set-Cookie header is present with the correct attributes.
6. If you're using server-side rendering, make sure you're handling the cookies correctly on both the server and client side.
If you continue to have issues, you might want to check the specific documentation for @sidebase/nuxt-auth or open an issue in their GitHub repository, as this seems to be a third-party module and not part of core Nuxt.
Nuxt Cookie Composable Documentation (https://nuxt.com/docs/api/composables/use-cookie#httponly)
----------------------
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
----------------------<@393317827186130964> Kapa.ai is still learning and improving, please let me know how I did by reacting below.