Skip to content
This repository was archived by the owner on Mar 5, 2025. It is now read-only.
This repository was archived by the owner on Mar 5, 2025. It is now read-only.

nuxt baseUrl isn't respected #77

Open
#101
Open
nuxt baseUrl isn't respected#77
#101
Labels
bugSomething isn't workingworkaround available
@nathanbrizzee-cdcr

Description

@nathanbrizzee-cdcr
nathanbrizzee-cdcr
opened on Aug 14, 2023

Environment

package.json

  "devDependencies": {
    "@nuxt/devtools": "latest",
    "@types/node": "^20.4.10",
    "nuxt": "^3.6.5"
  },
  "dependencies": {
    "@auth/core": "^0.11.1",
    "@hebilicious/authjs-nuxt": "0.3.0-beta.2",
    "h3": "1.8.0-rc.3",
    "nitropack": "npm:nitropack-edge@latest"
  },
  "overrides": {
    "h3": "1.8.0-rc.3",
    "nitropack": "npm:nitropack-edge@latest"
  },
  "resolutions": {
    "h3": "1.8.0-rc.3",
    "nitropack": "npm:nitropack-edge@latest"
  }

nodejs v20.0.0
npm 9.6.4

Reproduction

Create a brand new Nuxt3 app. I followed the installation instructions https://nuxt.com/docs/getting-started/installation

pnpm dlx nuxi@latest init myapp

Then followed the installation instructions from here https://authjs-nuxt.pages.dev/getting-started.html down to and including the usage section.
I'm use Azure AD instead of Github.
My nuxt.config.ts looks like this: Notice the app: baseURL and public/baseURL sections.
https://nuxt.com/docs/api/configuration/nuxt-config#baseurl

// https://nuxt.com/docs/api/configuration/nuxt-config
import { resolve } from "node:path"

export default defineNuxtConfig({
  devtools: { enabled: true },
  alias: {
    cookie: resolve(__dirname, "node_modules/cookie")
  },
  app: {
      baseURL: "/myapp",
  },
  modules: ["@hebilicious/authjs-nuxt"],
  // Optional default config
  //  authJs: {
  //    verifyClientOnEveryRequest: true,
  //    guestRedirectTo: "/", // where to redirect if the user is authenticated
  //    authenticatedRedirectTo: "/", // where to redirect if the user is not authenticated
  //    baseUrl: ""
  //  },
  runtimeConfig: {
    authJs: {
      secret: process.env.NUXT_NEXTAUTH_SECRET, // You can generate one with `openssl rand -base64 32`
    },
    github: {
      clientId: process.env.NUXT_GITHUB_CLIENT_ID,
      clientSecret: process.env.NUXT_GITHUB_CLIENT_SECRET,
    },
    azureAD: {
      clientId: process.env.NUXT_AZUREAD_CLIENT_ID,
      clientSecret: process.env.NUXT_AZUREAD_CLIENT_SECRET,
      tenantId: process.env.NUXT_AZUREAD_TENANT_ID
    },
    public: {
      authJs: {
        baseUrl: process.env.NUXT_NEXTAUTH_URL, // The base URL is used for the Origin Check in prod only
        verifyClientOnEveryRequest: true, // whether to hit the /auth/session endpoint on every client request
      },
      baseURL: "/myapp",
    },
  },
});

Describe the bug

Because of adding the baseURL, I am unable to authenticate or access any of the auth apis because none of the auth URL's are correct. They are all absolute paths starting with /api/auth and do not take into account the baseURL prefix. I spent a lot of time in debug trying to find out whether the bug was in this library or the @auth/core library. I found this library is the one trying to access the session api end point when serving the application and the /api/auth/session end point doesn't exist due to the NuxtJS app being served on ${baseURL}/*

I didn't know the best way to propose a fix for this but it seems that the config defined in the catchall route (server/api/auth/[...].ts) needs to pass the baseURL in the config so it can be referenced throughout this library. If baseURL exists, prefix all the auth routes with it. If it doesn't exist, then use the current paths.

I passed the baseURL in the runtime public section, but as far as I can tell, that isn't always available in the library. But the config object is passed to most of the library functions and adding baseURL to the config from the runtime variables would solve that.

Additional context

It also looks like I have to configure custom page routes in the catchall route config file. (server/api/auth/[...].ts). I got this from the @auth/core documentation at https://authjs.dev/guides/basics/pages and modified the url's to work with a baseURL. I'm not 100% sure this is needed but I added it here for reference.

 pages: {
    signIn: `${runtimeConfig.public.baseURL || ''}/auth/signin`,
    signOut: `${runtimeConfig.public.baseURL || ''}/auth/signout`,
    error: `${runtimeConfig.public.baseURL || ''}/auth/error`, // Error code passed in query string as ?error=
    verifyRequest: `${runtimeConfig.public.baseURL || ''}/auth/verify-request`, // (used for check email message)
    newUser: `${runtimeConfig.public.baseURL || ''}/auth/new-user` // New users will be directed here on first sign in (leave the property out if not of interest)
  },

Logs

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workingworkaround available

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions