oAuth2 need to clean cookie manually if relogin (@nuxtjs/auth-next)

[steklopod]

Version

5

Reproduction link

https://codepen.io/steklopod/pen/gOMVMEG

Steps to reproduce

My nuxt config:

 auth: {
        scopeKey: 'scope',
        resetOnError: true,
        redirect: {login: '/login', logout: '/', callback: '/', home: '/'},
        strategies: {
            cookie: {
                scheme: 'refresh',
                user: {property: false},
                token: {required: false, type: false},
                refreshToken: {property: 'refresh_token' /*,data: 'refresh_token'*/},
                endpoints: {
                    login: {url: '/auth/login', method: 'post'},
                    user: {url: '/auth/user', method: 'post'},
                    refresh: {url: '/auth/refresh', method: 'post'},
                    logout: {url: '/auth/logout', method: 'post'}
                },
            },
        }
    },

1. I'm login once (with my auth server) - everything is ok, but I have cookie auth._token.cookie for domain and subdomain.

• Cookie for subdomain .my.domain expires 2020-11-24T08:16:56.629Z
• Cookie for my.domain expires Session

2. Logout

• Cookie for my.domain with value false
• Cookie for subdomain not exists

3. Login with oAuth2 again:

• Cookie for my.domain with value false
• Cookie for subdomain with token value
• Not login status

---

How I fix it:

• On login page I added this code, and second login is ok:

import Cookie from "js-cookie";

mounted() {
    if (!this.$auth.user && !this.$auth.loggedIn) {
      Cookie.remove('auth._token.cookie', {path: ''});
      Cookie.remove('auth._refresh_token.cookie', {path: ''});
    }
}

P.S.: also was trying with removeUniversal - but this not helps :-(

What is expected ?

Second login is ok without adding extra code on login page

What is actually happening?

Login -> logout -> login not working in custom oAuth2

Additional comments?

"@nuxtjs/auth-next": "^5.0.0-1602966760.822bc05",

_{This bug report is available on Nuxt community (#c709)}

[bmulholland]

Hey, thanks for posting. No one else has reported this issue - is it still present in the latest auth-next version?

[JonathanBennett]

Hi there.

I have the same issue, and resolve it the same way using the force delete cookies option. I am using @nuxtjs/auth-next: 5.0.0-1613647907.37b1156 (which I believe is the latest) and the issue is still present.

I don't see any errors in the console(s). Is there a way additional information can be collected to help diagnose?

Thanks