maxAge is not working

[halilyuce]

Version

module: 5.0.0-1624817847.21691f1
nuxt: 2.15.7

Nuxt configuration

mode:

• universal
• spa

Nuxt configuration

  auth: {
    redirect: {
      login: '/signin',
      logout: '/signin',
      home: '/charts/captures/sources',
    },
    localStorage: false,
    rewriteRedirects: false,
    autoFetchUser: false,
    strategies: {
      local: {
        scheme: '~/schemes/customRefresh.js',
        token: {
          property: 'jwt',
          type: 'Bearer',
          global: true,
          required: true,
          maxAge: 15 * 60,
        },
        refreshToken: {
          property: 'jwt',
          data: 'refresh_token',
          maxAge: 60 * 60 * 24 * 60,
        },
        endpoints: {
          login: {
            headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
            url: '/api/login',
            method: 'post',
          },
          refresh: {
            headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
            url: '/api/refresh',
            method: 'post',
          },
          user: false,
          logout: false,
        },
      },
    },
  },

Reproduction

⚠️ without a minimal reproduction we won't be able to look into your issue

What is expected?

What is actually happening?

Steps to reproduce

Additional information

Checklist

• I have tested with the latest Nuxt version and the issue still occurs
• I have tested with the latest module version and the issue still occurs
• I have searched the issue tracker and this issue hasn't been reported yet

Steps to reproduce

1- I logged in and everything is working fine
2- When I check the expiration value of 'auth._token_expiration.local', it's different from what I expect. And both token and refresh expiration are the same (I gave different values for them)

What is expected?

• I was expecting the value I gave in the config settings for maxAge to be given as a cookie value.

What is actually happening?

Performance analysis?

[negativefix]

I have a similar problem in a universal app using session cookie authentication. Setting the maxAge option just modifies the cookie maxAge/ExpiryDate not the cookie value; therefore, it is not possible to set a session duration longer than 30 minutes.

"@nuxtjs/auth-next": "5.0.0-1624817847.21691f1",
"nuxt": "^2.15.7"

[halilyuce]

I have a similar problem in a universal app using session cookie authentication. Setting the maxAge option just modifies the cookie maxAge/ExpiryDate not the cookie value; therefore, it is not possible to set a session duration longer than 30 minutes.

"@nuxtjs/auth-next": "5.0.0-1624817847.21691f1",
"nuxt": "^2.15.7"

I used a custom refresh scheme and I define cookie value after login and refresh manually.

nuxt.config: scheme: '~/schemes/customRefresh.js',

customRefresh.js:

import { RefreshScheme } from '~auth/runtime'

export default class CustomScheme extends RefreshScheme {
  refreshTokens() {
    const self = this
    // Refresh endpoint is disabled
    if (!this.options.endpoints.refresh) {
      return
    }

    // Token and refresh token are required but not available
    if (!this.check().valid) {
      return
    }

    // Get refresh token status
    const refreshTokenStatus = this.refreshToken.status()

    // Refresh token is expired. There is no way to refresh. Force reset.
    if (refreshTokenStatus.expired()) {
      this.$auth.reset()
      return Promise.reject(new Error('Token expired'))
    }

    // Delete current token from the request header before refreshing, if `tokenRequired` is disabled
    if (!this.options.refreshToken.tokenRequired) {
      this.requestHandler.clearHeader()
    }

    // Set authorization header
    this.requestHandler.axios.defaults.headers.common[
      this.options.token.name
    ] = `${this.options.token.type} ${this.refreshToken.get()}`

    // Make refresh request
    return this.$auth
      .request({}, this.options.endpoints.refresh)
      .then((response) => {
        // Update tokens
        this.updateTokens(response, { isRefreshing: true })
        var now = new Date()
        var later = new Date(now)
        later.setMinutes(now.getMinutes() + 15)
        const expire = Date.parse(later)
        self.$auth.ctx.$cookies.set('auth._token_expiration.local', expire)
      })
      .catch((error) => {
        this.$auth.callOnError(error, { method: 'refreshToken' })
        return Promise.reject(error)
      })
  }
}