sidebase
User gets logged out when the user endpoint encounters any kind of error (Not just 401)
Environment
- Operating System: Darwin
- Node Version: v20.18.1
- Nuxt Version: 3.15.4
- CLI Version: 3.21.1
- Nitro Version: 2.10.4
- Package Manager: [email protected]
- Builder: -
- User Config: compatibilityDate, devtools, css, app, modules, postcss, vite, runtimeConfig, auth
- Runtime Modules: @pinia/[email protected], @nuxt/[email protected], @sidebase/[email protected]
- Build Modules: -
Reproduction
Mock the response of the user endpoint so that it doesn't get a 200 response; anything other than a 401 error would be fine.
Describe the bug
When the API call for the user endpoint gets an error, the user gets logged out. This is an unwanted behavior for our use case. We only want to log out the user when an API call gets a 401 error. Other cases could be temporary network or server issues and logging out the user is an extreme reaction because the issue is very likely to be resolved with a refresh (assuming the JWT token is still valid).
Additional context
@nuxtjs/auth-next module had a config called resetOnError which could be set to false and we could override the error behavior by setting $auth.onError handler. I couldn't find a similar config in this module.
Logs
This is an example error log of the scenario I described.
Our website could only be accessed via a VPN and if you open the website without that VPN, you get logged out.
This would be annoying for the users.
ERROR Session: unable to extract session, [GET] "https://some.domain.com/api/user/": 403 Forbidden
@phoenix-ru
I'd be happy to help you develop this feature. If that's OK with you, what solution do you think is better to be implemented?
These are some of the possible options we could choose from:
- Only log out the user if the request has actually received a 401 status.
- Give the developer an option to disable the default behavior and provide a callback function for the
catchblock ofgetSession - What else?
Also, meanwhile, is there any workaround I could use to use this module with my expected behavior?
Hi @sadeghi-aa , this will be covered as a part of #964 , you will have a hook for handling the errors in any of the NuxtAuth functions (including getSession).
At the moment I can't really suggest you anything. Have you solved it in the meantime?
Hello @phoenix-ru
Yeah, that would work for me too. Right now I've patched these sections:
https://github.com/sidebase/nuxt-auth/blob/fba0eeae695dd95ecadfa86bb66a07d600a4380c/src/runtime/utils/fetch.ts#L6
I added a throwRawError = false parameter to the _fetch function. Then:
https://github.com/sidebase/nuxt-auth/blob/fba0eeae695dd95ecadfa86bb66a07d600a4380c/src/runtime/utils/fetch.ts#L24-L40
At the beginning of the catch block, I check if throwRawError is set to true. If yes, I throw the error and "override" the current behavior of it. This was necessary for me to check the status code of the error in getSession. And finally in getSession:
https://github.com/sidebase/nuxt-auth/blob/fba0eeae695dd95ecadfa86bb66a07d600a4380c/src/runtime/composables/local/useAuth.ts#L141
I call the _fetch function with true for my new throwRawError parameter. And finally:
https://github.com/sidebase/nuxt-auth/blob/fba0eeae695dd95ecadfa86bb66a07d600a4380c/src/runtime/composables/local/useAuth.ts#L151-L152
I only run these lines if err?.status is 401 which of course is very specific for my own use case.
May I know if the throwRawError options is available in the latest version or we need to make the change ourselves?
