Just a couple things I noticed while working through this:
initial code of AuthController lists refreshTo() (should be refreshToken())
nuxt.config.js: credentials should be withCredentials: true, correct?
in the refreshToken milddleware, I assume when the cookie IS there, there should be a commit to the store to reset it (page refresh, direct access through URL). Like this?
It looks like the refresh_token part is not working, unless I missed something. I can login, x-access-token is there - but when it comes time to refresh - I get the 403 error.
I was totally wrong about the withCredentials key...everything kept failing till I put it back the way you had it with credentials instead...weird because it goes against everything else I see.
Hi there, I'm running into a CORS issue that I can't seem to get around. I'm using Laravel 7.5.2. Basically anytime I try to use the register function I get: Access to XMLHttpRequest at 'myapi.test/api/register' from origin 'localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute. If I change the 'credentials' to 'withCredentials', it passes the CORS preflight, but then the token part does not appear to be working.
***FOLLOW UP: I'm still using the 'withCredentials' parameter. The issue going in that direction was in the .env using CLIENT_ID as opposed to PASSWORD_CLIENT_ID. That was mentioned before in this thread. Thanks!
Well you can do that, but it will send a request on every route change and I don't like that. I'll only send a request when there the token is not there. That way, only one request will be sent every 5 minutes, and I think that's better approach.
Just a couple things I noticed while working through this:
refreshTo()
(should berefreshToken()
)nuxt.config.js
:credentials
should bewithCredentials: true
, correct?It looks like the refresh_token part is not working, unless I missed something. I can login,
x-access-token
is there - but when it comes time to refresh - I get the403
error.I was totally wrong about the
withCredentials
key...everything kept failing till I put it back the way you had it withcredentials
instead...weird because it goes against everything else I see.THANK YOU!
Hi there, I'm running into a CORS issue that I can't seem to get around. I'm using Laravel 7.5.2. Basically anytime I try to use the register function I get: Access to XMLHttpRequest at 'myapi.test/api/register' from origin 'localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute. If I change the 'credentials' to 'withCredentials', it passes the CORS preflight, but then the token part does not appear to be working.
***FOLLOW UP: I'm still using the 'withCredentials' parameter. The issue going in that direction was in the .env using CLIENT_ID as opposed to PASSWORD_CLIENT_ID. That was mentioned before in this thread. Thanks!
refreshTo
intorefreshToken
You is not change
refreshTo
intorefreshToken
in this tutorial ))