Forem: dev-davexoyinbo The latest articles on Forem by dev-davexoyinbo (@devdavexoyinbo). https://forem.com/devdavexoyinbo https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F423574%2F00a7619a-ac1f-484b-8b04-e17c9539a3c4.png Forem: dev-davexoyinbo https://forem.com/devdavexoyinbo en Secure Your Nuxt 3 App dev-davexoyinbo Thu, 28 Nov 2024 00:17:02 +0000 https://forem.com/devdavexoyinbo/secure-your-nuxt-3-app-56j4 https://forem.com/devdavexoyinbo/secure-your-nuxt-3-app-56j4 <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgmoiwl94zzc01lqnftge.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgmoiwl94zzc01lqnftge.png" alt="Nuxt auth logo" width="162" height="162"></a><br> Authentication is a crucial aspect of any modern web application. Whether you’re building an e-commerce site, a social platform, or any service requiring user authentication, handling authentication securely and efficiently is key to ensuring a smooth user experience. In this post, we’ll explore how to easily integrate authentication into your Nuxt.js application using the @workmate/nuxt-auth package. We would discuss the local auth provider here, where you can connect to your backend directly. The package also has support for oAuth2 like github and google. To view that, check out the github repository<br> <a href="https://github.com/work-mate/nuxt-auth-module" rel="noopener noreferrer">https://github.com/work-mate/nuxt-auth-module</a></p> <p><strong>What is @workmate/nuxt-auth?</strong><br> @workmate/nuxt-auth is a package designed to make authentication in Nuxt.js apps seamless. This package provides a straightforward way to add authentication flows, such as login, registration, and user session management, to your Nuxt app.</p> <p><strong>Installing @workmate/nuxt-auth</strong><br> The first step is to install the package. Open your terminal and navigate to the root of your Nuxt project. Then, run the following command to install the @workmate/nuxt-auth package:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install</span> <span class="nt">--save</span> @workmate/nuxt-auth </code></pre> </div> <p>or if you are using yarn:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>yarn add @workmate/nuxt-auth </code></pre> </div> <p><strong>Setting Up the Package in Your Nuxt Project</strong><br> Once the package is installed, you need to configure it in your Nuxt application. Open your nuxt.config.js file and add @workmate/nuxt-auth to the modules array:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// nuxt.config.ts</span> <span class="k">export</span> <span class="k">default</span> <span class="nf">defineNuxtConfig</span><span class="p">({</span> <span class="na">modules</span><span class="p">:</span> <span class="p">[</span> <span class="dl">"</span><span class="s2">@workmate/nuxt-auth</span><span class="dl">"</span> <span class="p">],</span> <span class="p">...</span> <span class="p">});</span> </code></pre> </div> <p>Set up your auth providers<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// nuxt.config.ts</span> <span class="kd">const</span> <span class="nx">BACKEND_URL</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">BACKEND_BASE_URL</span> <span class="o">||</span> <span class="dl">"</span><span class="s2">http://localhost:9000</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="k">default</span> <span class="nf">defineNuxtConfig</span><span class="p">({</span> <span class="na">modules</span><span class="p">:</span> <span class="p">[</span> <span class="dl">"</span><span class="s2">@workmate/nuxt-auth</span><span class="dl">"</span><span class="p">,],</span> <span class="na">auth</span><span class="p">:</span> <span class="p">{</span> <span class="na">global</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">redirects</span><span class="p">:</span> <span class="p">{</span> <span class="na">redirectIfLoggedIn</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/dashboard</span><span class="dl">"</span><span class="p">,</span> <span class="na">redirectIfNotLoggedIn</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/register</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// default is /login</span> <span class="p">},</span> <span class="na">apiClient</span><span class="p">:</span> <span class="p">{</span> <span class="na">baseURL</span><span class="p">:</span> <span class="nx">BACKEND_URL</span><span class="p">,</span> <span class="p">},</span> <span class="c1">//token: {</span> <span class="c1">// type: "Bearer",</span> <span class="c1">// maxAge: 1000 * 60 * 60 * 24 * 30,</span> <span class="c1">// cookiesNames: {</span> <span class="c1">// accessToken: "auth:token",</span> <span class="c1">// refreshToken: "auth:refreshToken",</span> <span class="c1">// authProvider: "auth:provider",</span> <span class="c1">// tokenType: "auth:tokenType",</span> <span class="c1">//}</span> <span class="p">};</span> <span class="nl">providers</span><span class="p">:</span> <span class="p">{</span> <span class="na">local</span><span class="p">:</span> <span class="p">{</span> <span class="na">endpoints</span><span class="p">:</span> <span class="p">{</span> <span class="na">signIn</span><span class="p">:</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="s2">`</span><span class="p">${</span><span class="nx">BACKEND_URL</span><span class="p">}</span><span class="s2">/api/auth/login`</span><span class="p">,</span> <span class="na">method</span><span class="p">:</span> <span class="dl">"</span><span class="s2">POST</span><span class="dl">"</span><span class="p">,</span> <span class="na">tokenKey</span><span class="p">:</span> <span class="dl">"</span><span class="s2">token</span><span class="dl">"</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="p">{</span> <span class="na">principal</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email</span><span class="dl">"</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">,</span> <span class="p">},</span> <span class="p">},</span> <span class="na">user</span><span class="p">:</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="s2">`</span><span class="p">${</span><span class="nx">BACKEND_URL</span><span class="p">}</span><span class="s2">/api/auth/user`</span><span class="p">,</span> <span class="na">userKey</span><span class="p">:</span> <span class="dl">"</span><span class="s2">data</span><span class="dl">"</span><span class="p">,</span> <span class="p">},</span> <span class="na">signOut</span><span class="p">:</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="s2">`</span><span class="p">${</span><span class="nx">BACKEND_URL</span><span class="p">}</span><span class="s2">/api/auth/user`</span><span class="p">,</span> <span class="na">method</span><span class="p">:</span> <span class="dl">"</span><span class="s2">POST</span><span class="dl">"</span><span class="p">,</span> <span class="p">},</span> <span class="p">},</span> <span class="p">},</span> <span class="p">},</span> <span class="p">},</span> <span class="p">});</span> </code></pre> </div> <p><strong>Brief explanation of the config</strong><br> Let's go through the above real quick, the <code>global:true</code> line ensures that the auth middleware is set on every page of your website. And since you won't be authenticated by default, you want to turn it off on the home route like so<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight vue"><code>// pages/index.vue <span class="nt">&lt;</span><span class="k">template</span><span class="nt">&gt;</span> <span class="nt">&lt;main&gt;</span>Landing page<span class="nt">&lt;/main&gt;</span> <span class="nt">&lt;/</span><span class="k">template</span><span class="nt">&gt;</span> <span class="nt">&lt;</span><span class="k">script</span> <span class="na">lang=</span><span class="s">"ts"</span> <span class="na">setup</span><span class="nt">&gt;</span> <span class="nf">definePageMeta</span><span class="p">({</span> <span class="na">auth</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="p">});</span> <span class="o">&lt;</span><span class="nx">script</span><span class="o">&gt;</span> </code></pre> </div> <p>You can also set the auth to false on pages you want your users to access regardless of whether they are logged in or not like the help page or the about us page. </p> <p>In the case where you don't want to use the global middleware, add the auth middleware to the pages you want to protect, eg the dashboard<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight vue"><code>// pages/dashboard.vue <span class="nt">&lt;</span><span class="k">template</span><span class="nt">&gt;</span> <span class="nt">&lt;main&gt;</span>Dashboard page<span class="nt">&lt;/main&gt;</span> <span class="nt">&lt;/</span><span class="k">template</span><span class="nt">&gt;</span> <span class="nt">&lt;</span><span class="k">script</span> <span class="na">lang=</span><span class="s">"ts"</span> <span class="na">setup</span><span class="nt">&gt;</span> <span class="nf">definePageMeta</span><span class="p">({</span> <span class="na">middleware</span><span class="p">:</span> <span class="dl">"</span><span class="s2">auth</span><span class="dl">"</span><span class="p">,</span> <span class="p">});</span> <span class="o">&lt;</span><span class="nx">script</span><span class="o">&gt;</span> </code></pre> </div> <p><strong>The signIn endpoint</strong><br> In the above config, the application would make a post request to the endpoint <code>${BACKEND_URL}/api/auth/login</code> with the body<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"email@example.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"password"</span><span class="p">:</span><span class="w"> </span><span class="s2">"password"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>and would expect data with the format<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"token"</span><span class="p">:</span><span class="w"> </span><span class="s2">"auth token"</span><span class="p">,</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>for nested data, use 'period' separated keys eg <code>nested.token.data</code>.</p> <p>The same foes for the user endpoint and the sign out endpoint.</p> <p><strong>The api client</strong><br> By default, nuxt would want you to send requests to your frontend domain, meanwhile you might want to send it to another (eg. the backend). <strong>This package automatically handles this and also adds the authorization headers to the api client so you don't have to manually do that.</strong></p> <p>To use the api client, add the apiClient's baseurl to the config as shown in the code above. Then instead of calling useFetch or $fetch in nuxt use<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nf">useAuthFetch</span><span class="p">(</span><span class="nx">url</span><span class="p">,</span> <span class="nx">options</span><span class="p">)</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">$authFetch</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">useNuxtApp</span><span class="p">();</span> <span class="nf">$authFetch</span><span class="p">(</span><span class="nx">url</span><span class="p">,</span> <span class="nx">options</span><span class="p">)</span> </code></pre> </div> <p>And they have the exact same interface with the useFetch and $fetch apis.</p> <p><strong>Logging In</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight vue"><code>// pages/index.vue <span class="nt">&lt;</span><span class="k">template</span><span class="nt">&gt;</span> <span class="nt">&lt;form</span> <span class="err">@</span><span class="na">submit.prevent=</span><span class="s">"submit"</span> <span class="na">class=</span><span class="s">"login-form"</span><span class="nt">&gt;</span> <span class="nt">&lt;div</span> <span class="na">class=</span><span class="s">"form-group"</span><span class="nt">&gt;</span> <span class="nt">&lt;label</span> <span class="na">for=</span><span class="s">"email"</span><span class="nt">&gt;</span>Email<span class="nt">&lt;/label&gt;</span> <span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"email"</span> <span class="na">id=</span><span class="s">"email"</span> <span class="na">v-model=</span><span class="s">"email"</span> <span class="na">placeholder=</span><span class="s">"Enter your email"</span> <span class="na">required</span> <span class="nt">/&gt;</span> <span class="nt">&lt;/div&gt;</span> <span class="nt">&lt;div</span> <span class="na">class=</span><span class="s">"form-group"</span><span class="nt">&gt;</span> <span class="nt">&lt;label</span> <span class="na">for=</span><span class="s">"password"</span><span class="nt">&gt;</span>Password<span class="nt">&lt;/label&gt;</span> <span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"password"</span> <span class="na">id=</span><span class="s">"password"</span> <span class="na">v-model=</span><span class="s">"password"</span> <span class="na">placeholder=</span><span class="s">"Enter your password"</span> <span class="na">required</span> <span class="nt">/&gt;</span> <span class="nt">&lt;/div&gt;</span> <span class="nt">&lt;button</span> <span class="na">type=</span><span class="s">"submit"</span><span class="nt">&gt;</span>Login<span class="nt">&lt;/button&gt;</span> <span class="nt">&lt;/form&gt;</span> <span class="nt">&lt;/</span><span class="k">template</span><span class="nt">&gt;</span> <span class="nt">&lt;</span><span class="k">script</span> <span class="na">lang=</span><span class="s">"ts"</span> <span class="na">setup</span><span class="nt">&gt;</span> <span class="nf">definePageMeta</span><span class="p">({</span> <span class="na">middleware</span><span class="p">:</span> <span class="dl">'</span><span class="s1">auth-guest</span><span class="dl">'</span><span class="p">,</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">email</span> <span class="o">=</span> <span class="nf">ref</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">password</span> <span class="o">=</span> <span class="nf">ref</span><span class="p">();</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">login</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">useAuth</span><span class="p">();</span> <span class="kd">function</span> <span class="nf">submit</span><span class="p">()</span> <span class="p">{</span> <span class="nf">login</span><span class="p">(</span><span class="dl">"</span><span class="s2">local</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">principal</span><span class="p">:</span> <span class="nx">email</span><span class="p">.</span><span class="nx">value</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="nx">password</span><span class="p">.</span><span class="nx">value</span><span class="p">,</span> <span class="p">}).</span><span class="k">catch</span><span class="p">(</span><span class="nx">err</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">//handle error</span> <span class="p">})</span> <span class="p">}</span> <span class="o">&lt;</span><span class="nx">script</span><span class="o">&gt;</span> </code></pre> </div> <p>The auth guest middleware allows only unauthenticated users to visit a page, which is what we need in the case of the login. </p> <p><strong>Auth Data</strong><br> In order to get the auth data, you can use the useAuth composable<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="p">{</span> <span class="nx">loggedIn</span><span class="p">,</span> <span class="nx">user</span><span class="p">,</span> <span class="nx">token</span><span class="p">,</span> <span class="nx">refreshToken</span><span class="p">,</span> <span class="nx">login</span><span class="p">,</span> <span class="nx">logout</span><span class="p">,</span> <span class="nx">refreshUser</span><span class="p">,</span> <span class="nx">refreshTokens</span><span class="p">,</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">useAuth</span><span class="p">();</span> <span class="c1">// or</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">$auth</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">useNuxtApp</span><span class="p">();</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">loggedIn</span><span class="p">,</span> <span class="nx">user</span><span class="p">,</span> <span class="nx">token</span><span class="p">,</span> <span class="nx">refreshToken</span><span class="p">,</span> <span class="nx">login</span><span class="p">,</span> <span class="nx">logout</span><span class="p">,</span> <span class="nx">refreshUser</span><span class="p">,</span> <span class="nx">refreshTokens</span><span class="p">,</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">$auth</span><span class="p">;</span> </code></pre> </div> <p>In order to logout, you can use the logout from the above code snippet<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nf">logout</span><span class="p">().</span><span class="nf">then</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// show logout notification</span> <span class="p">});</span> </code></pre> </div> webdev nuxt auth