Skip to content

Set the JWT expiration date after login #6863

New issue
New issue
Closed
Closed
Set the JWT expiration date after login#6863
Labels
questionAsk how to do something or how something works
@kaboume

Description

@kaboume
kaboume
opened on Mar 2, 2023

Question 💬

Ask your question

Hi,
I'm using the CredentialsProvider to login the users.
The CredentialsProvider make a call API to a backend which returns a JWT Token with an expiration date.
My question : how to set the JWT expiration date of the JWT build by Nuxt-auth with the expiration date of the JWT returned by the Back End ?

providers: [

    CredentialsProvider.default({
      name: 'Credentials',
      credentials: {
        username: { label: 'Username', type: 'text', placeholder: '(hint: jsmith)' },
        password: { label: 'Password', type: 'password', placeholder: '(hint: hunter2)' },
      },
      async authorize(credentials: any) {
        try {
          const response = await $fetch(
            `${config.public.API_BASE_URL}auth/login/`,
            {
              method: 'POST',
              body: JSON.stringify({
                email: credentials.username,
                password: credentials.password,
              }),
            },
          )
          **console.log('response', response)**
          if (response.user) {
            const u = {
              id: response.user.id,
              name: response.user.name,
              role: response.user.role,
              email: response.user.email,
              accessToken: response.tokens.access.token,
            }
            return u
          }
          else {
            return null
          }
        }
        catch (error) {
          console.warn(error)

          throw createError({
            statusCode: error.status,
            statusMessage: error.data.message,
          })

          return null
        }
      },
    }),
  ],

  session: {
    strategy: 'jwt',
  },

  callbacks: {
    async jwt({ token, user, account }) {
      if (account && user) {
        console.warn('JWT callback', { token, user, account })
        return {
          ...token,
          ...user,
        }
      }
      return token
    },
    async session({ session, token }) {
      session.user = {
        ...session.user,
        ...token,
      }
      return session
    },
  },

Here is the result of the console.log('response', response) :

response {
  user: {
    role: 'user',
    isEmailVerified: true,
    name: 'Eric',
    email: 'eric.xxxxxxx@gmail.com',
    createdAt: '2023-01-11T10:44:38.672Z',
    updatedAt: '2023-02-09T08:42:08.710Z',
    id: '63be93164781b246a0a7a2e2'
  },
  tokens: {
    access: {
      token: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI2M2JlOTMxNjQ3ODFiMjQ2YTBhN2EyZTIiLCJpYXQiOjE2Nzc1OTc1MjYsImV4cCI6MTY3NzYxNTUyNiwidHlwZSI6ImFjY2VzcyJ9.XtNTtJoXnIXu8wbYNkYW5pjU4kiKI_J4zkcGfum7hiI',
      **expires: '2023-02-28T20:18:46.850Z'**
    },
    refresh: {
      token: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI2M2JlOTMxNjQ3ODFiMjQ2YTBhN2EyZTIiLCJpYXQiOjE2Nzc1OTc1MjYsImV4cCI6MTY4MDE4NTkyNiwidHlwZSI6InJlZnJlc2gifQ.IvVrJeMP7nMMZ_x3APhWDRw2OnzoMRDqFCaic1qRWHY',
      expires: '2023-03-30T14:18:46.852Z'
    }
  }
}

And when I display the content of the session in the application side :

{
  "user": {
    "name": "Eric",
    "email": "eric.xxxxx@gmail.com",
    "sub": "63be93164781b246a0a7a2e2",
    "id": "63be93164781b246a0a7a2e2",
    "role": "user",
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI2M2JlOTMxNjQ3ODFiMjQ2YTBhN2EyZTIiLCJpYXQiOjE2Nzc1OTc1MjYsImV4cCI6MTY3NzYxNTUyNiwidHlwZSI6ImFjY2VzcyJ9.XtNTtJoXnIXu8wbYNkYW5pjU4kiKI_J4zkcGfum7hiI",
    "iat": 1677597526,
    "exp": 1680189526,
    "jti": "0f9459c8-c0ec-4f00-b0b8-04f47e24a602"
  },
  **"expires": "2023-03-30T15:18:46.991Z"**
}

Additional information

No response

How to reproduce ☕️

providers: [

    CredentialsProvider.default({
      name: 'Credentials',
      credentials: {
        username: { label: 'Username', type: 'text', placeholder: '(hint: jsmith)' },
        password: { label: 'Password', type: 'password', placeholder: '(hint: hunter2)' },
      },
      async authorize(credentials: any) {
        try {
          const response = await $fetch(
            `${config.public.API_BASE_URL}auth/login/`,
            {
              method: 'POST',
              body: JSON.stringify({
                email: credentials.username,
                password: credentials.password,
              }),
            },
          )
          **console.log('response', response)**
          if (response.user) {
            const u = {
              id: response.user.id,
              name: response.user.name,
              role: response.user.role,
              email: response.user.email,
              accessToken: response.tokens.access.token,
            }
            return u
          }
          else {
            return null
          }
        }
        catch (error) {
          console.warn(error)

          throw createError({
            statusCode: error.status,
            statusMessage: error.data.message,
          })

          return null
        }
      },
    }),
  ],

  session: {
    strategy: 'jwt',
  },

  callbacks: {
    async jwt({ token, user, account }) {
      if (account && user) {
        console.warn('JWT callback', { token, user, account })
        return {
          ...token,
          ...user,
        }
      }
      return token
    },
    async session({ session, token }) {
      session.user = {
        ...session.user,
        ...token,
      }
      return session
    },
  },

Contributing 🙌🏽

Yes, I am willing to help answer this question in a PR

Metadata

Metadata

Assignees

No one assigned

    Labels

    questionAsk how to do something or how something works

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions