Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Token is stored with prefix in cookie and localstorage #113

Closed
javialon26 opened this issue Apr 3, 2018 · 3 comments
Closed

Token is stored with prefix in cookie and localstorage #113

javialon26 opened this issue Apr 3, 2018 · 3 comments
Labels
solved

Comments

@javialon26
Copy link

Version

v4.0.0

Reproduction link

https://nuxt-auth.herokuapp.com/

Steps to reproduce

  1. Login using "local" scheme.
  2. Check localstorage and cookies and you see the token with the prefix Bearer.
  3. Try to do a request with axios.
  4. The Authorization header will have 2 prefix and the token, ex: Bearer Bearer ........
  5. The request will fail beacause the authorization header is invalid.

What is expected ?

The token must be saved without the prefix because the setToken helper of axios module already set the prefix.

What is actually happening?

The token is saved with the prefix and all future request made by axios has an invalid authorization header.

  • The fetchUser method of the module has the correct authorization header because builds it own header, because of this the login process is okey, you can see this in /lib/auth/auth.js file line 251.

Additional comments?

You can see this issue in the demo site, check the localstorage "auth._token.local" key after login and "auth._token.local" cookie:
https://nuxt-auth.herokuapp.com/

This bug report is available on Nuxt.js community (#c81)
@ghost ghost added the cmty:bug-report label Apr 3, 2018
@breakingrobot
Copy link
Contributor

breakingrobot commented Apr 3, 2018
edited
Loading

@javialon26 Hi !

Thank you for your bug report, confirmed as a bug on the demo site using the following command while logged in:

$nuxt.$axios.get('api/auth/user');

This will automatically returns the following:

UnauthorizedError: Format is Authorization: Bearer [token]

As the request headers are composed by an invalid Authorization header:

Authorization: Bearer Bearer token

This is most likely related to this, I think the token is passed with "Bearer " and then set again with axios-module with this.$auth.ctx.app.$axios.setToken(token, this.options.tokenType)

"Bearer" is set by this on lib/core/auth.js here:

setToken (strategy, token) {
    const _key = this.options.token.prefix + strategy

    return this.$storage.setUniversal(_key, token)
  }

@breakingrobot breakingrobot mentioned this issue Apr 3, 2018
Merged
@breakingrobot
Copy link
Contributor

Fixed on #115 - Will be available soon 👍

@linda8167
Copy link

linda8167 commented Apr 9, 2018
edited
Loading

Wait for updates。。。。How I delete the prefix

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
solved
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@javialon26 @linda8167 @breakingrobot