feat(nuxt-base): remove init_oauth stale cookie deletion and move to …

…app-extension-auth (#66)
storyblok · Jul 3, 2024 · 05504c6 · 05504c6
1 parent 1545c8f
commit 05504c6
Showing 1 changed file with 8 additions and 9 deletions.
diff --git a/space-plugins/nuxt-base/server/middleware/02.auth.global.ts b/space-plugins/nuxt-base/server/middleware/02.auth.global.ts
@@ -13,16 +13,15 @@ export default defineEventHandler(async (event) => {
 		return;
 	}
 
-	// Delete cookie and initiated OAuth flow
-	// if the user hasn't been authenticated yet.
+	// If the user hasn't been authenticated yet.
 	// (Storyfront attaches this query parameter in that case)
-	if (getQuery(event)['init_oauth'] === 'true') {
-		setCookie(event, AUTH_COOKIE_NAME, '', {
-			httpOnly: true,
-			secure: true,
-			sameSite: 'none',
-		});
-		return await sendRedirect(event, appConfig.auth.initOauthFlowUrl, 302);
+	const queryParams = getQuery(event);
+	if (queryParams['init_oauth'] === 'true') {
+		return await sendRedirect(
+			event,
+			`${appConfig.auth.initOauthFlowUrl}?init_oauth=true`,
+			302,
+		);
 	}
 
 	const appSession = await getAppSession(event);