Don't send token with login request #136
Labels
Comments
ghost
added
the
|
@pedantic-git I agree with unsettling token before loginWith. Please make a PR. |
|
Hi @pi0 - I'm not particularly familiar with the internals of the auth-module. Would you recommend I do this in the core, or in the local scheme? |
pedantic-git
added a commit
to fishpercolator/auth-module
that referenced
this issue
Apr 18, 2018
|
OK - I had a dig around and have proposed a solution in #151 |
|
Will be released soon. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What problem does this feature solve?
I currently have Nuxt hooked up to a Rails app with Devise-JWT handling authentication on the backend. It all works well apart from one thing:
When a token expires on the backend, I can't log in again from Nuxt.
The reason is that Nuxt sends the old token along with the login request, and Devise-JWT validates this before checking for the username and password.
What does the proposed changes look like?
I don't think it makes sense to ever send the token along with login requests, because the whole point of a login request is to issue a token. Can Nuxt just skip sending the token when the request is coming from the
loginWith()method?An alternative would be to always delete tokens completely from the store before login requests, and this is what I'm doing to work around this right now.
The text was updated successfully, but these errors were encountered: