Merge branch 'main' into pr/156

CHANGELOG.md

@@ -1,6 +1,100 @@
 # Changelog
 
 
+## v0.3.9
+
+[compare changes](https://github.com/Atinux/nuxt-auth-utils/compare/v0.3.8...v0.3.9)
+
+### 🩹 Fixes
+
+- UserSession secure type augmentation ([#181](https://github.com/Atinux/nuxt-auth-utils/pull/181))
+
+### 🏡 Chore
+
+- Update deps ([4a0e1e9](https://github.com/Atinux/nuxt-auth-utils/commit/4a0e1e9))
+
+### ❤️ Contributors
+
+- Sébastien Chopin ([@atinux](http://github.com/atinux))
+- Israel Ortuño <[email protected]>
+
+## v0.3.8
+
+[compare changes](https://github.com/Atinux/nuxt-auth-utils/compare/v0.3.7...v0.3.8)
+
+### 🚀 Enhancements
+
+- Add Gitlab provider ([fec746f](https://github.com/Atinux/nuxt-auth-utils/commit/fec746f))
+- Add instagram provider ([3bd553c](https://github.com/Atinux/nuxt-auth-utils/commit/3bd553c))
+- Add vk provider ([6581f12](https://github.com/Atinux/nuxt-auth-utils/commit/6581f12))
+- Add support for private data & config argument ([#171](https://github.com/Atinux/nuxt-auth-utils/pull/171))
+
+### 🩹 Fixes
+
+- Ensure plugin declaration files are emitted ([#170](https://github.com/Atinux/nuxt-auth-utils/pull/170))
+
+### 📖 Documentation
+
+- Add note about cookie size ([a725436](https://github.com/Atinux/nuxt-auth-utils/commit/a725436))
+- Add note to readme about session API route ([ddf38c1](https://github.com/Atinux/nuxt-auth-utils/commit/ddf38c1))
+
+### 🏡 Chore
+
+- Add emailRequired for testing Gitlab ([408b580](https://github.com/Atinux/nuxt-auth-utils/commit/408b580))
+- Up ([bd37690](https://github.com/Atinux/nuxt-auth-utils/commit/bd37690))
+
+### ❤️ Contributors
+
+- Sébastien Chopin ([@atinux](http://github.com/atinux))
+- Daniel Roe ([@danielroe](http://github.com/danielroe))
+- Alex Blumgart <[email protected]>
+- Sandro Circi ([@sandros94](http://github.com/sandros94))
+- Rudo Kemper ([@rudokemper](http://github.com/rudokemper))
+
+## v0.3.7
+
+[compare changes](https://github.com/Atinux/nuxt-auth-utils/compare/v0.3.6...v0.3.7)
+
+### 🩹 Fixes
+
+- Paypal tokens request requires encoded `redirect_uri` ([8bf3b0b](https://github.com/Atinux/nuxt-auth-utils/commit/8bf3b0b))
+
+### 🏡 Chore
+
+- Update deps ([50aba8d](https://github.com/Atinux/nuxt-auth-utils/commit/50aba8d))
+
+### ❤️ Contributors
+
+- Sébastien Chopin ([@atinux](http://github.com/atinux))
+- Yizack Rangel ([@Yizack](http://github.com/Yizack))
+
+## v0.3.6
+
+[compare changes](https://github.com/Atinux/nuxt-auth-utils/compare/v0.3.5...v0.3.6)
+
+### 🚀 Enhancements
+
+- Add tiktok provider ([c1b1f44](https://github.com/Atinux/nuxt-auth-utils/commit/c1b1f44))
+
+### 💅 Refactors
+
+- Request token ([925f688](https://github.com/Atinux/nuxt-auth-utils/commit/925f688))
+
+### 📖 Documentation
+
+- Fix typo ([8d3af7e](https://github.com/Atinux/nuxt-auth-utils/commit/8d3af7e))
+
+### 🏡 Chore
+
+- Update deps ([c4189b2](https://github.com/Atinux/nuxt-auth-utils/commit/c4189b2))
+
+### ❤️ Contributors
+
+- Sébastien Chopin ([@atinux](http://github.com/atinux))
+- Ahmed Rangel ([@ahmedrangel](http://github.com/ahmedrangel))
+- Estéban <[email protected]>
+- Ivailo Panamski <[email protected]>
+
 ## v0.3.5
 
 [compare changes](https://github.com/Atinux/nuxt-auth-utils/compare/v0.3.4...v0.3.5)

README.md

@@ -15,9 +15,9 @@ Add Authentication to Nuxt applications with secured & sealed cookies sessions.
 ## Features
 
 - [Hybrid Rendering](#hybrid-rendering) support (SSR / CSR / SWR / Prerendering)
-- [15+ OAuth Providers](#supported-oauth-providers)
-- [Vue composable](#vue-composable)
-- [Server utils](#server-utils)
+- [20+ OAuth Providers](#supported-oauth-providers)
+- [`useUserSession()` Vue composable](#vue-composable)
+- [Tree-shakable server utils](#server-utils)
 - [`<AuthState>` component](#authstate-component)
 - [Extendable with hooks](#extend-session)
 
@@ -105,6 +105,9 @@ interface UserSessionComposable {
 }
 ```
 
+> [!IMPORTANT]
+> Nuxt Auth Utils uses the `/api/_auth/session` route for session management. Ensure your API route middleware doesn't interfere with this path.
+
 ## Server Utils
 
 The following helpers are auto-imported in your `server/` directory.
@@ -114,13 +117,18 @@ The following helpers are auto-imported in your `server/` directory.
 ```ts
 // Set a user session, note that this data is encrypted in the cookie but can be decrypted with an API call
 // Only store the data that allow you to recognize a user, but do not store sensitive data
-// Merges new data with existing data using defu()
+// Merges new data with existing data using unjs/defu library
 await setUserSession(event, {
+  // User data
   user: {
-    // ... user data
+    login: 'atinux'
+  },
+  // Private data accessible on server/ routes
+  secure: {
+    apiToken: '1234567890'
   },
+  // Any extra fields for the session data
   loggedInAt: new Date()
-  // Any extra fields
 })
 
 // Replace a user session. Same behaviour as setUserSession, except it does not merge data with existing data
@@ -148,16 +156,23 @@ declare module '#auth-utils' {
   interface UserSession {
     // Add your own fields
   }
+
+  interface SecureSessionData {
+    // Add your own fields
+  }
 }
 
 export {}
 ```
 
+> [!IMPORTANT]
+> Since we encrypt and store session data in cookies, we're constrained by the 4096-byte cookie size limit. Store only essential information.
+
 ### OAuth Event Handlers
 
 All handlers can be auto-imported and used in your server routes or API routes.
 
-The pattern is `oauth<Provider>EventHandler({ onSuccess, config?, onError? })`, example: `oauthGitHubEventHandler`.
+The pattern is `defineOAuth<Provider>EventHandler({ onSuccess, config?, onError? })`, example: `defineOAuthGitHubEventHandler`.
 
 The helper returns an event handler that automatically redirects to the provider authorization page and then calls `onSuccess` or `onError` depending on the result.
 
@@ -190,16 +205,21 @@ It can also be set using environment variables:
 - AWS Cognito
 - Battle.net
 - Discord
+- Dropbox
 - Facebook
 - GitHub
+- GitLab
 - Google
+- Instagram
 - Keycloak
 - LinkedIn
 - Microsoft
 - PayPal
 - Spotify
 - Steam
+- TikTok
 - Twitch
+- VK
 - X (Twitter)
 - XSUAA
 - Yandex
@@ -211,7 +231,7 @@ You can add your favorite provider by creating a new file in [src/runtime/server
 Example: `~/server/routes/auth/github.get.ts`
 
 ```ts
-export default oauthGitHubEventHandler({
+export default defineOAuthGitHubEventHandler({
   config: {
     emailRequired: true
   },
@@ -349,6 +369,14 @@ Our defaults are:
 }
 ```
 
+You can also overwrite the session config by passing it as 3rd argument of the `setUserSession` and `replaceUserSession` functions:
+
+```ts
+await setUserSession(event, { ... } , {
+  maxAge: 60 * 60 * 24 * 7 // 1 week
+})
+```
+
 Checkout the [`SessionConfig`](https://github.com/unjs/h3/blob/c04c458810e34eb15c1647e1369e7d7ef19f567d/src/utils/session.ts#L20) for all options.
 
 ## More

package.json

@@ -1,11 +1,11 @@
 {
   "name": "nuxt-auth-utils",
-  "version": "0.3.5",
+  "version": "0.3.9",
   "description": "Minimalist Auth module for Nuxt with SSR",
   "repository": "Atinux/nuxt-auth-utils",
   "license": "MIT",
   "type": "module",
-  "packageManager": "pnpm@9.9.0",
+  "packageManager": "pnpm@9.10.0",
   "exports": {
     ".": {
       "types": "./dist/types.d.ts",
@@ -33,29 +33,28 @@
   },
   "dependencies": {
     "@nuxt/kit": "^3.13.0",
-    "bcrypt-edge": "^0.0.6",
     "defu": "^6.1.4",
     "hookable": "^5.5.3",
     "ofetch": "^1.3.4",
-    "ohash": "^1.1.3",
+    "ohash": "^1.1.4",
     "pathe": "^1.1.2",
     "scule": "^1.3.0",
     "uncrypto": "^0.1.3"
   },
   "devDependencies": {
-    "@iconify-json/simple-icons": "^1.1.115",
+    "@iconify-json/simple-icons": "^1.2.3",
     "@nuxt/devtools": "latest",
-    "@nuxt/eslint-config": "^0.5.3",
-    "@nuxt/module-builder": "^0.8.3",
-    "@nuxt/schema": "^3.13.0",
-    "@nuxt/test-utils": "^3.14.1",
-    "@nuxt/ui": "^2.18.4",
-    "@nuxt/ui-pro": "^1.4.1",
-    "changelogen": "^0.5.5",
-    "eslint": "^9.9.1",
-    "nuxt": "^3.13.0",
-    "typescript": "^5.5.4",
-    "vitest": "^2.0.5",
-    "vue-tsc": "^2.0.29"
+    "@nuxt/eslint-config": "^0.5.7",
+    "@nuxt/module-builder": "^0.8.4",
+    "@nuxt/schema": "^3.13.2",
+    "@nuxt/test-utils": "^3.14.2",
+    "@nuxt/ui": "^2.18.5",
+    "@nuxt/ui-pro": "^1.4.2",
+    "changelogen": "^0.5.7",
+    "eslint": "^9.10.0",
+    "nuxt": "^3.13.2",
+    "typescript": "^5.6.2",
+    "vitest": "^2.1.1",
+    "vue-tsc": "^2.1.6"
   }
 }

playground/.env.example

@@ -2,6 +2,9 @@ NUXT_SESSION_PASSWORD=
 # GitHub OAuth
 NUXT_OAUTH_GITHUB_CLIENT_ID=
 NUXT_OAUTH_GITHUB_CLIENT_SECRET=
+# GitLab OAuth
+NUXT_OAUTH_GITLAB_CLIENT_ID=
+NUXT_OAUTH_GITLAB_CLIENT_SECRET=
 # Spotify OAuth
 NUXT_OAUTH_SPOTIFY_CLIENT_ID=
 NUXT_OAUTH_SPOTIFY_CLIENT_SECRET=
@@ -41,6 +44,9 @@ NUXT_OAUTH_COGNITO_REGION=
 # Facebook
 NUXT_OAUTH_FACEBOOK_CLIENT_ID=
 NUXT_OAUTH_FACEBOOK_CLIENT_SECRET=
+# Instagram
+NUXT_OAUTH_INSTAGRAM_CLIENT_ID=
+NUXT_OAUTH_INSTAGRAM_CLIENT_SECRET=
 # PayPal
 NUXT_OAUTH_PAYPAL_CLIENT_ID=
 NUXT_OAUTH_PAYPAL_CLIENT_SECRET=
@@ -53,6 +59,15 @@ NUXT_OAUTH_X_CLIENT_SECRET=
 NUXT_OAUTH_XSUAA_CLIENT_ID=
 NUXT_OAUTH_XSUAA_CLIENT_SECRET=
 NUXT_OAUTH_XSUAA_DOMAIN=
+# VK
+NUXT_OAUTH_VK_CLIENT_ID=
+NUXT_OAUTH_VK_CLIENT_SECRET=
 # Yandex
 NUXT_OAUTH_YANDEX_CLIENT_ID=
-NUXT_OAUTH_YANDEX_CLIENT_SECRET=
+NUXT_OAUTH_YANDEX_CLIENT_SECRET=
+# TikTok
+NUXT_OAUTH_TIKTOK_CLIENT_KEY=
+NUXT_OAUTH_TIKTOK_CLIENT_SECRET=
+# Dropbox
+NUXT_OAUTH_DROPBOX_CLIENT_ID=
+NUXT_OAUTH_DROPBOX_CLIENT_SECRET=

playground/app.vue

@@ -42,12 +42,24 @@ const providers = computed(() =>
       disabled: Boolean(user.value?.facebook),
       icon: 'i-simple-icons-facebook',
     },
+    {
+      label: session.value.user?.instagram || 'instagram',
+      to: '/auth/instagram',
+      disabled: Boolean(user.value?.instagram),
+      icon: 'i-simple-icons-instagram',
+    },
     {
       label: session.value.user?.github || 'GitHub',
       to: '/auth/github',
       disabled: Boolean(user.value?.github),
       icon: 'i-simple-icons-github',
     },
+    {
+      label: session.value.user?.gitlab || 'GitLab',
+      to: '/auth/gitlab',
+      disabled: Boolean(user.value?.gitlab),
+      icon: 'i-simple-icons-gitlab',
+    },
     {
       label: user.value?.linkedin || 'LinkedIn',
       to: '/auth/linkedin',
@@ -126,12 +138,30 @@ const providers = computed(() =>
       disabled: Boolean(user.value?.xsuaa),
       icon: 'i-simple-icons-sap',
     },
+    {
+      label: user.value?.vk || 'VK',
+      to: '/auth/vk',
+      disabled: Boolean(user.value?.vk),
+      icon: 'i-simple-icons-vk',
+    },
     {
       label: user.value?.yandex || 'Yandex',
       to: '/auth/yandex',
       disabled: Boolean(user.value?.yandex),
       icon: 'i-gravity-ui-logo-yandex',
     },
+    {
+      label: user.value?.tiktok || 'TikTok',
+      to: '/auth/tiktok',
+      disabled: Boolean(user.value?.tiktok),
+      icon: 'i-simple-icons-tiktok',
+    },
+    {
+      label: user.value?.dropbox || 'Dropbox',
+      to: '/auth/dropbox',
+      disabled: Boolean(user.value?.dropbox),
+      icon: 'i-simple-icons-dropbox',
+    },
   ].map(p => ({
     ...p,
     prefetch: false,

playground/auth.d.ts

@@ -4,6 +4,7 @@ declare module '#auth-utils' {
     password?: string
     spotify?: string
     github?: string
+    gitlab?: string
     google?: string
     twitch?: string
     auth0?: string
@@ -14,17 +15,22 @@ declare module '#auth-utils' {
     linkedin?: string
     cognito?: string
     facebook?: string
+    instagram?: string
     paypal?: string
     steam?: string
     x?: string
     xsuaa?: string
+    vk?: string
     yandex?: string
+    tiktok?: string
+    dropbox?: string
   }
 
   interface UserSession {
     // eslint-disable-next-line @typescript-eslint/no-explicit-any
     extended?: any
     loggedInAt: number
+    secure?: Record<string, unknown>
   }
 }