options

General options shared with all strategies. See for defaults.

`redirect`

Default:

auth: {
  redirect: {
    login: '/login',
    logout: '/',
    callback: '/login',
    home: '/'
  }
}

login: User will be redirected to this path if login is required.
logout: User will be redirected to this path if after logout, current route is protected.
home: User will be redirect to this path after login. (rewriteRedirects will rewrite this path)
callback: User will be redirected to this path by the identity provider after login. (Should match configured Allowed Callback URLs (or similar setting) in your app/client with the identity provider)

Each redirect path can be disabled by setting to false. Also you can disable all redirects by setting redirect to false

`watchLoggedIn`

Default: true

When enabled (default) user will be redirected on login/logouts.

`token`

Default:

auth: {
  token: {
    prefix: '_token.'
  }
}

prefix - Default prefix used in building a key for token storage across all storage providers.

`localStorage`

Default:

auth: {
  localStorage: {
    prefix: 'auth.'
  }
}

prefix - Default token prefix used in building a key for token storage in the browser's localStorage.

You can disable use of localStorage by setting localStorage to false, like so:

auth {
  localStorage: false
}

Otherwise the auth token will be stored in localStorage at a default key of: auth._token.{provider}.

Default:

auth: {
  cookie: {
    prefix: 'auth.',
    options: {
      path: '/'
    }
  }
}

prefix - Default token prefix used in building a key for token storage in the browser's localStorage.
- path - path where the cookie is visible. Default is '/'.
- expires - can be used to specify cookie lifetime in Number of days or specific Date. Default is session only.
- maxAge - Specifies the number (in seconds) to be the value for the Max-Age (preferred over expires)
- domain - domain (and by extension subdomain/s) where the cookie is visible. Default is domain and all subdomains.
- secure - sets whether the cookie requires a secure protocol (https). Default is false, should be set to true if possible.

Note: Using cookies is required for SSR requests to work with JWT tokens.

You can disable use of cookie storage by setting cookie to false, like so:

auth: {
  cookie: false
}

Otherwise the auth token will be stored in a cookie named by default as: auth._token.{provider}.

`plugins`

If you have any nuxt plugin that depends on $auth you have to specify it here instead of top-level plugins option in nuxt.config.js.

`resetOnError`

Default: false

Either a boolean or a function is accepted. If a function is passed, it will take the same arguments as onError handlers and return Boolean to inform whether a reset should be performed.

If enabled, user will be automatically logged out if an error happens. (For example when token expired)

`rewriteRedirects`

Default: true

If enabled, user will redirect back to the original guarded route instead of redirect.home.

`fullPathRedirect`

Default: false

If true, use the full route path with query parameters for redirect

`vuex.namespace`

Default: auth

Vuex store namespace for keeping state.

`scopeKey`

Default: scope

user object property used for scope checking (hasScope). Can be either an array or a object.

PreviousAPI Nextstorage

Last updated 5 years ago

General options shared with all strategies. See for defaults.

`redirect`

Default:

auth: {
  redirect: {
    login: '/login',
    logout: '/',
    callback: '/login',
    home: '/'
  }
}

login: User will be redirected to this path if login is required.
logout: User will be redirected to this path if after logout, current route is protected.
home: User will be redirect to this path after login. (rewriteRedirects will rewrite this path)
callback: User will be redirected to this path by the identity provider after login. (Should match configured Allowed Callback URLs (or similar setting) in your app/client with the identity provider)

Each redirect path can be disabled by setting to false. Also you can disable all redirects by setting redirect to false

`watchLoggedIn`

Default: true

When enabled (default) user will be redirected on login/logouts.

`token`

Auth tokens are stored in various storage providers (cookie, localStorage, vuex) on user login to provide a seamless auth experience across server-side rendering (SSR) and client-side rendering. Tokens are stored under with storage keys of the format: {storageProvider.prefix}{token.prefix}{strategy}. See and for more details.

Default:

auth: {
  token: {
    prefix: '_token.'
  }
}

prefix - Default prefix used in building a key for token storage across all storage providers.

`localStorage`

Default:

auth: {
  localStorage: {
    prefix: 'auth.'
  }
}

prefix - Default token prefix used in building a key for token storage in the browser's localStorage.

You can disable use of localStorage by setting localStorage to false, like so:

auth {
  localStorage: false
}

Otherwise the auth token will be stored in localStorage at a default key of: auth._token.{provider}.

Default:

auth: {
  cookie: {
    prefix: 'auth.',
    options: {
      path: '/'
    }
  }
}

prefix - Default token prefix used in building a key for token storage in the browser's localStorage.
options - Additional cookie options, passed to .
- path - path where the cookie is visible. Default is '/'.
- expires - can be used to specify cookie lifetime in Number of days or specific Date. Default is session only.
- maxAge - Specifies the number (in seconds) to be the value for the Max-Age (preferred over expires)
- domain - domain (and by extension subdomain/s) where the cookie is visible. Default is domain and all subdomains.
- secure - sets whether the cookie requires a secure protocol (https). Default is false, should be set to true if possible.

Note: Using cookies is required for SSR requests to work with JWT tokens.

You can disable use of cookie storage by setting cookie to false, like so:

auth: {
  cookie: false
}

Otherwise the auth token will be stored in a cookie named by default as: auth._token.{provider}.

`plugins`

If you have any nuxt plugin that depends on $auth you have to specify it here instead of top-level plugins option in nuxt.config.js.

See

`resetOnError`

Default: false

Either a boolean or a function is accepted. If a function is passed, it will take the same arguments as onError handlers and return Boolean to inform whether a reset should be performed.

If enabled, user will be automatically logged out if an error happens. (For example when token expired)

`rewriteRedirects`

Default: true

If enabled, user will redirect back to the original guarded route instead of redirect.home.

`fullPathRedirect`

Default: false

If true, use the full route path with query parameters for redirect

`vuex.namespace`

Default: auth

Vuex store namespace for keeping state.

`scopeKey`

Default: scope

user object property used for scope checking (hasScope). Can be either an array or a object.