NuxtJs Auth with local strategy

0
votes

I'm creating an app with nuxtjs and I'm using the nuxt/auth module. Everything is working fine, I'm using the login with Local strategies with JWT Token. The problem that I'm having is that if I close my browser and re-open the browser and if the token has not expire I'm logged in automatically. How can I disable this? I would like it so that when the user closes the browser the token is no longer valid?

Is it because of the Local Storage?? I guess that Nuxt/Auth stores the token in the localstorage? I also see it creates a cookie with the token but the expiration of the cookie is set to "Session".

Any clarification/help on how to this work would be greatly appreciated.

Regards.

CES

2
javascriptnode.jsauthenticationjwtnuxt.js

2 Answers

0
votes

Localstorage has no expire date you need to delete it manually.

Cookies have one like JSON web tokens.

What i do is following:

If my token lasts for 1 day i set the cookie lifetime also to 1 day. After 1 day the browser erases the cookie automatically. If you login after 2 days the cookie will be erased and you wont be automatically be logged in

Sure if you logout you need to erase it manually

In addition i also like to set HttpOnly flag on the cookie so my server can only read it.

0
votes

You can use destroyed hook in main nuxt component for calling logging-out method. When you leave the main component, like closing the tab and closing the browser, it will be logging out, but not recommended. the better solution is set lifeTime when you are saving in LocalStorage.