Maybe this is a little thing for getting user informations inside getSession function.

[adorratm]

Describe the feature

First of all, my English is not good and I think we can work more flexibly if an update comes so that the getSession method can be used in this way.

Some rest api's is not well designed for frontend developers. Here is a scenario:

I have 2 endpoints for getting a bearer token and these endpoints are accept only "POST" method.

First endpoint is '/oauth/token' getting Email, Password, GrantType, Scope, ClientId, ClientSecret, RedirectUri fields in posted data and this endpoint returns AccessToken, RefreshToken, ExpiresAt, TokenType

Second endpoint is '/user/user-information' this endpoint accessible with Email field inside posted data and Authorization Bearer token.

When I look the Sidebase/Nuxt-Auth documentation I see for getting user data to use this method: getSession, I will use this method after send the signIn event but the getSession method don't accept the custom request body. For example:

<script setup lang="ts">

const config = useRuntimeConfig()
const {$toast} = useNuxtApp();

const Email = ref('');
const Password = ref('');

const login = async()  => {
try {
  await signIn({
    Email.value,
    Password.value,
    config.GrantType,
    config.Scope,
    config.ClientId,
    config.ClientSecret,
    config.RedirectUri
  },{ redirect: false })

  await getSession('/user/user-information', // This variable maybe passed for setting user info endpoint
  {
    Email: Email.value // This variable maybe passed in here as a request body this method for getting user info after successfully login.
  })

  $toast.success("Loggedin Successfully!");

  } catch(e){
    console.log(e)
  }
}
</script>

And If I set the getSession inside nuxt.config.ts endpoints object to false, the getSession running automatically sends wrong endpoint continuously. Maybe its is a bug actually.

How would you implement this?

getSession('endpoint', request.body.object, ...other params)

Additional information

• Would you be willing to help implement this feature?

Provider

• AuthJS
• Local
• Refresh
• New Provider

[zoey-kaiser]

Hi @adorratm 👋

It's not an issue with your English! Thank you for trying your best 🤗

My main question would be: Is your OAuth provider a custom one written internally or is it a publicly available one like Google, Github etc.? Depending on the case I have two recommendations on how to proceed:

Public OAuth Provider

So I generally see that you are using your own signIn function, while still using OAuth. I would recommend letting our module handle this for you. Inside your NuxtAuthHandler you can create setup to use OAuth providers.
We then return a signIn function that you can use the sign in the user. NuxtAuth will then automatically handle the session and JWT Token management.

You will then be able to access the user data with:

<script lang="ts" setup>
const { data } = useAuth()
</script>

This data will update whenever any change is made to the data or the authentication status is changed.

I think a good starting point would be to have a look at the NuxtAuthExample in which we configure a GitHub OAuth provider.

As we run NextAuth under the hood, there is a long list of OAuth providers, you can use out of the box. You can see them here: https://next-auth.js.org/providers/

Custom OAuth

In this case you could look into writing your own OAuth provider for NextAuth. This would then allow you to use all of the features described above when working with your custom API: https://next-auth.js.org/configuration/providers/oauth#using-a-custom-provider

As I saw that you were combining the local and refresh provider with OAuth, I would start by following one of the two methods above. The local and refresh providers are not meant for OAuth authentication and focus more on filling the need for credentials authentication!

If I misunderstood your request feel free to correct me

[adorratm]

Hi @adorratm 👋

It's not an issue with your English! Thank you for trying your best 🤗

My main question would be: Is your OAuth provider a custom one written internally or is it a publicly available one like Google, Github etc.? Depending on the case I have two recommendations on how to proceed:

Public OAuth Provider

So I generally see that you are using your own signIn function, while still using OAuth. I would recommend letting our module handle this for you. Inside your NuxtAuthHandler you can create setup to use OAuth providers. We then return a signIn function that you can use the sign in the user. NuxtAuth will then automatically handle the session and JWT Token management.

You will then be able to access the user data with:

<script lang="ts" setup>
const { data } = useAuth()
</script>

This data will update whenever any change is made to the data or the authentication status is changed.

I think a good starting point would be to have a look at the NuxtAuthExample in which we configure a GitHub OAuth provider.

As we run NextAuth under the hood, there is a long list of OAuth providers, you can use out of the box. You can see them here: https://next-auth.js.org/providers/

Custom OAuth

In this case you could look into writing your own OAuth provider for NextAuth. This would then allow you to use all of the features described above when working with your custom API: https://next-auth.js.org/configuration/providers/oauth#using-a-custom-provider

As I saw that you were combining the local and refresh provider with OAuth, I would start by following one of the two methods above. The local and refresh providers are not meant for OAuth authentication and focus more on filling the need for credentials authentication!

If I misunderstood your request feel free to correct me

Thanks for your answer but in this scenario I don't use any public Oauth provider. I try to use "Refresh" provider for the backend developer's developed rest api. The backend developers I don't know why didn't make this endpoint work only with Bearer Token, but maybe the getSession method in this library can be developed flexibly for such situations? That's what I meant to ask. In such cases, user information is requested with the Bearer token in the Axios library in Nuxt 2. It was possible to proceed with the setUser method.

[phoenix-ru]

I don't use any public Oauth provider.

Hi @adorratm , have you set the provider to refresh in your nuxt.config.ts?

export default defineNuxtConfig({
  auth: {
    provider: {
      type: 'refresh',
     /* ... */
    }
  }
}

[adorratm]

I don't use any public Oauth provider.

Hi @adorratm , have you set the provider to refresh in your nuxt.config.ts?

export default defineNuxtConfig({
  auth: {
    provider: {
      type: 'refresh',
     /* ... */
    }
  }
}

Yes I’ve already set it

[phoenix-ru]

Closing this issue due to inactivity

The newly developed hooks provider will have the functionality to communicate with any custom REST backend, see #1062