auth-module: Authentication does not occur after callback on statically generated nuxt site

Version

v4.5.1

Reproduction link

https://github.com/nuxt-community/auth-module

Steps to reproduce

Set a valid github key/secret in the nuxt config for the demo example. Use nuxt generate to produce a static build. Run http-server ./ in the dist folder. Try authenticate with github by going to /login and clicking the github button.

What is expected ?

The user should be authenticated after github redirects to the callback

What is actually happening?

Github redirects to /callback, but the user is not authenticated. The strategy in Vuex is reset to “local”.

Additional comments?

This only effects static sites, I have not run into this issue when running the application normally. I have reproduced this in a private repo deployed to netlify as well.

<div align="right">This bug report is available on Nuxt community (#c277)</div>

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Reactions: 13
  • Comments: 37 (5 by maintainers)

Most upvoted comments

Can confirm that had the same issue, callback redirect worked like a charm in dev, but when uploaded to Netlify, it didn’t redirect. Adding trailing slashes (which Netlify adds by default) solved and callback redirect is now working.

There has got to be a fix for this, it’s a ridiculous thing to try and hunt down, took me 2 hours of googling to get to this thread!

+8
altryne on Mar 26, 2020

Actually GitHub auth is not supported yet on static generation since it need a serverMiddleware to generate the access token based on a secret key.

+4
Atinux on Feb 12, 2020

I finally got it working on my side. In nuxt.config.js I had to switch the mode from Universal to SPA. After that I re-ran generate and it started working. Simple as that.

I must say I’m pretty confused as to why that is working because I thought that the mode should make no difference when generating static pages, but there it is.

+4
dominikmontada on Feb 26, 2019

It’s not working at my side (npm run generate): “@nuxtjs/auth”: “^4.8.4” “@types/nuxtjs__auth”: “^4.8.1”,

Im using the auth0 provider, after the callback i check if the user is logged in. this.$auth.loggedIn

This always returns false, im then getting redirect back to auth0 to login (which i am). This results in a never ending loop.

+3
DjustinK on Nov 19, 2019

I had a similar issue caused by the trailing / on my redirect uri. Static S3 sites don’t play well with a SPA that has routing to a page (i.e. a redirect uri of https://mycoolsite.com/auth won’t work but a https://mycoolsite.com/auth/ will) so we set the redirect uri to include the trailing slash in the OAuth server’s config.

To make the nuxt auth module work I had to define both the redirect callback option and the redirectUri in the nuxt.config.ts:

auth: {
    redirect: {
      callback: '/auth/' // need this for the auth module to know what path to execute the auth code callback
    },
    strategies: {
      oauth2: {
        scheme: 'oauth2',
        // ...
        redirectUri: 'https://mycoolsite.com/auth/', // need this so that we can define the redirect URI with a trailing slash since auth module removes it by default and static s3 sites need it
      }
    }

When I tried to put just redirect: { callback: '/auth/' } the auth module would remove the trailing slash before sending it to the auth endpoint as the redirectUri query param, which wasn’t working. When I added the redirectUri property to the oauth strategy and removed the ‘callback’ property it failed again because the auth module was looking for the default callback/redirectUri (/login) and not the explicit one I defined in the strategy.

Hence I had to define both the full redirectUri and the redirect.callback path (not sure if the redirect.callback needs the trailing slash to work or not).

I hope this helps someone.

+2
yoshutch on Jul 21, 2021

Any way we can get this out of a closed status until that’s working?

+2
montoulieu on Feb 18, 2020

Hey, I’m experiencing this very same issue with static site generation:

 ssr: false,
 target: 'static',

 "nuxt": "^2.14.6",
 "@nuxt/content": "^1.9.0",
 "@nuxtjs/auth-next": "^5.0.0-1610115973.9fdaa66",

I tried the trailing slash and didn’t work either.

+1
eramosr16 on Jan 13, 2021

handling authentication is in nature pretty complex specially if you are going to handle lots of providers. OAuth tries to unify but still leaves lots of space for diversity. But honestly, a trailing slash should not be among long lasting problems. I’m not confidence enough in Vue related things but this should be a simple check to fix.

+1
mohamnag on Feb 26, 2020

@mohamnag Unfortunately after browsing a lot of similar issues I am getting the idea that this module isn’t exactly production ready. Even the fixes implemented in the PR mentioned above fixed it for some and didn’t for others.

+1
maxiride on Feb 26, 2020

I’m experiencing same problem after deploying a generated SPA on GitLab Pages. It tends to redirect all URLs to one with trailing / so after callback, I don’t get redirected to home page. If this is al hanging on one trailing slash, this is clearly a bug and don’t see why this should be closed!!

+1
mohamnag on Feb 26, 2020

I see this issue is closed, but something is clearly not working properly.

  auth: {
    strategies: {
      github: {
        client_id: process.env.GITHUB_CLIENT_ID,
        client_secret: process.env.GITHUB_CLIENT_SECRET
      },
    }
  },

I’m building a new app on Netlify and trying to use a simple Github auth config and it has the same redirect loop issue I referenced here when being built in both spa and universal mode. It works perfectly on npm run dev but it is holding up my ability to launch this app live.

+1
montoulieu on Jan 20, 2020

Also having the same issue, and I think I found the code to blame. /user/auth is my oauth2 callback

image

The trailing slash shoud be removed (or added to the redirect callback option?)

So the callback handler will fail for sure: https://github.com/nuxt-community/auth-module/blob/dev/lib/schemes/oauth2.js#L128

Will test a bit more and will try to make a PR.

A quick workaround without a PR and new release needed is to add a trailing slash to the callback endpoint.

There’s also another bug and unrelated to this it seems. When the website is statically generated, the callback endpoint doesn’t change the strategy automatically (ie, it keeps the local strategy). A workaround for this is to set it explicitely in the mouted function for example and then fetchUser to retrieve the user.

+1
rasgo-cc on Dec 27, 2019

I’ve created a PR/branch which fixes this for me, and a PR in https://github.com/nuxt-community/auth-module/issues/452.

While we’re waiting for that to get merged, you can use it in your sites with

$ npm install https://github.com/jakul/auth-module.git#fix/allow-callbacks-to-static-sites
+1
jakul on Sep 12, 2019

Hi, I’m having the same issue :

  • When I use npm run generate with modes universal OR spa : Auth0 redirect to /callback, but then no redirection to my home and no authentification (user is still null in the store).
  • When I use npm run dev, everything works.

I have this both on my own code and when using the /examples/demo folder.

Using spa mode does not solve the issue.

After searching into the code, I found this : https://github.com/nuxt-community/auth-module/blob/dev/lib/schemes/oauth2.js#L131-L134 So actually it seems it’s willingly blocked in the code, no ?

If someone has this working, is it possible to publish it on a repo ? 🙏 Thanks

I got the same problem. When oauth0 redirect back to callback path, auth module won’t fetch user, but npm run dev works.

version

v4.8.1

nuxt.config.js

mode spa

+1
HughesWang on Aug 25, 2019

Using nuxt generate + auth module for https://blog.lichter.io/ and haven’t seen such an issue. Mode was/is universal

+1
manniL on Jul 21, 2019
Read more comments on GitHub
← auth-module: auth stuck at the callback URL — not storing Auth0 token [SPA mode]
auth-module: $auth.loginWith() not working →