Updated Application-side docs

zoey-kaiser · zoey-kaiser · commit 1d45b5b47927 · 2024-08-22T17:52:58.000+02:00
diff --git a/docs/guide/application-side/configuration.md b/docs/guide/application-side/configuration.md
@@ -62,7 +62,7 @@ The full url at which the app will run combined with the path to authentication.
 - **port**: _empty_ (implies `:80` for http and `:443` for https), :3000, :8888
 - **path**: the path that directs to the location of your `NuxtAuthHandler` e.g. `/api/auth`
 
-### `local` and `refresh` Providers
+### `local` Provider
 
 Defaults to `/api/auth` for both development and production. Setting this is optional, if you set it you can set it to either:
 - just a path: Will lead to `nuxt-auth` using `baseURL` as a relative path appended to the origin you deploy to. Example: `/backend/auth`
@@ -74,12 +74,12 @@ If you point to a different origin than the one you deploy to you likely have to
 
 ## `provider`
 
-- **Type**: `ProviderAuthjs | ProviderLocal | ProviderRefresh`
+- **Type**: `ProviderAuthjs | ProviderLocal`
 - **Default**: `undefined`
 
 Configuration of the authentication provider. Different providers are supported:
 - AuthJS: See [configuration options here](/guide/authjs/quick-start#configuration)
-- Local / Refresh: See [configuration options here](/guide/local/quick-start)
+- Local: See [configuration options here](/guide/local/quick-start)
 
 ## `sessionRefresh`
 
diff --git a/docs/guide/application-side/session-access.md b/docs/guide/application-side/session-access.md
@@ -27,25 +27,12 @@ const {
   data,
   lastRefreshedAt,
   token,
-  getSession,
-  signUp,
-  signIn,
-  signOut
-} = useAuth()
-```
-
-```ts [refresh]
-const {
-  status,
-  data,
-  lastRefreshedAt,
-  token,
+  refreshToken,
   getSession,
   signUp,
   signIn,
   signOut,
-  refresh,
-  refreshToken
+  refresh
 } = useAuth()
 ```
 
@@ -86,7 +73,7 @@ const { data } = useAuth()
 </template>
 ```
 
-### `token`
+### `token` <Badge type="warning">local only</Badge>
 
 The fetched token that can be used to authenticate further requests. This could be e.g. a JWT-Bearer token.
 
@@ -103,15 +90,15 @@ function useAPI() {
 }
 ```
 
-:::warning Local / Refresh Only
-`token` is only avalible for the refresh and local providers!
+:::warning Local Only
+`token` is only avalible for the local provider!
 :::
 
 ### `lastRefreshedAt`
 
 Time at which the session was last refreshed, either `undefined` if no refresh was attempted or a `Date` of the time the refresh happened.
 
-### `getCsrfToken`
+### `getCsrfToken` <Badge type="warning">authjs only</Badge>
 
 Returns the current Cross Site Request Forgery Token (CSRF Token) required to make POST requests (e.g. for signing in and signing out).
 
@@ -121,7 +108,7 @@ You likely only need to use this if you are not using the built-in `signIn()` an
 `getCsrfToken` is only avalible for the authjs provider!
 :::
 
-### `getProviders`
+### `getProviders` <Badge type="warning">authjs only</Badge>
 
 Get a list of all the configured OAuth providers. Useful for creating a [custom login page](/guide/authjs/custom-pages#sign-in-page). Returns an array of `Provider`.
 
@@ -158,7 +145,7 @@ const { getSession } = useAuth()
 </template>
 ```
 
-### `signUp`
+### `signUp` <Badge type="warning">local only</Badge>
 
 ```ts
 // `credentials` are the credentials your sign-up endpoint expects,
@@ -184,8 +171,8 @@ await signUp(credentials, undefined, { preventLoginFlow: true })
 You can also pass the `callbackUrl` option to redirect a user to a certain page, after they completed the action. This can be useful when a user attempts to open a page (`/protected`) but has to go through external authentication (e.g., via their google account) first.
 :::
 
-:::warning Local / Refresh Only
-`signUp` is only avalible for the refresh and local providers!
+:::warning Local Only
+`signUp` is only avalible for the local provider!
 :::
 
 ### `signIn`
@@ -257,12 +244,12 @@ const { signOut } = useAuth()
 You can also pass the `callbackUrl` option to redirect a user to a certain page, after they completed the action. This can be useful when a user attempts to open a page (`/protected`) but has to go through external authentication (e.g., via their google account) first.
 :::
 
-### `refreshToken`
+### `refreshToken` <Badge type="warning">local only</Badge>
 
 The fetched refreshToken that can be used to obtain a new access token . E.g. a refreshToken looks like this: `eyDFSJKLDAJ0-3249PPRFK3P5234SDFL;AFKJlkjdsjd.dsjlajhasdji89034`
 
-:::warning Refresh Only
-`refreshToken` is only avalible for the refresh provider!
+:::warning Local Only
+`refreshToken` is only avalible for the local provider!
 :::
 
 ### `refresh`
@@ -297,43 +284,6 @@ lastRefreshedAt.value
 ```
 
 ```ts [local]
-const {
-  status,
-  loading,
-  data,
-  lastRefreshedAt,
-  token,
-  rawToken,
-  setToken,
-  clearToken
-} = useAuthState()
-
-// Session status, either `unauthenticated`, `loading`, `authenticated`
-status.value
-
-// Whether any http request is still pending
-loading.value
-
-// Session data, either `undefined` (= authentication not attempted), `null` (= user unauthenticated), or session / user data your `getSession`-endpoint returns
-data.value
-
-// Time at which the session was last refreshed, either `undefined` if no refresh was attempted or a `Date` of the time the refresh happened
-lastRefreshedAt.value
-
-// The fetched token that can be used to authenticate future requests. E.g., a JWT-Bearer token like so: `Bearer eyDFSJKLDAJ0-3249PPRFK3P5234SDFL;AFKJlkjdsjd.dsjlajhasdji89034`
-token.value
-
-// Cookie that containes the raw fetched token string. This token won't contain any modification or prefixes like `Bearer` or any other.
-rawToken.value
-
-// Helper method to quickly set a new token (alias for rawToken.value = 'xxx')
-setToken('new token')
-
-// Helper method to quickly delete the token cookie (alias for rawToken.value = null)
-clearToken()
-```
-
-```ts [refresh]
 const {
   status,
   loading,
@@ -362,24 +312,18 @@ lastRefreshedAt.value
 // The fetched token that can be used to authenticate future requests. E.g., a JWT-Bearer token like so: `Bearer eyDFSJKLDAJ0-3249PPRFK3P5234SDFL;AFKJlkjdsjd.dsjlajhasdji89034`
 token.value
 
-// The fetched refreshToken that can be used to refresh the Token with  refresh() methode.
-refreshToken.value
-
 // Cookie that containes the raw fetched token string. This token won't contain any modification or prefixes like `Bearer` or any other.
 rawToken.value
 
-// Cookie that containes the raw fetched refreshToken string.
-rawRefreshToken.value
-
 // Helper method to quickly set a new token (alias for rawToken.value = 'xxx')
 setToken('new token')
 
-// Helper method to quickly delete the token and refresh Token cookie (alias for rawToken.value = null and rawRefreshToken.value = null)
+// Helper method to quickly delete the token cookie (alias for rawToken.value = null)
 clearToken()
 ```
 :::
 
-:::warning Local and refresh providers:
+:::warning Local provider:
 Note that you will have to manually call getSession from useAuth composable in order to refresh the new user state when using setToken, clearToken or manually updating rawToken.value:
 :::
 
diff --git a/playground-local/app.vue b/playground-local/app.vue
@@ -2,7 +2,7 @@
 import { ref } from 'vue'
 import { useAuth } from '#imports'
 
-const { signIn, token, data, status, lastRefreshedAt, signOut, getSession } = useAuth()
+const { signIn, token, refreshToken, data, status, lastRefreshedAt, signOut, getSession } = useAuth()
 
 const username = ref('')
 const password = ref('')
@@ -14,6 +14,7 @@ const password = ref('')
     <pre>Data: {{ data || 'no session data present, are you logged in?' }}</pre>
     <pre>Last refreshed at: {{ lastRefreshedAt || 'no refresh happened' }}</pre>
     <pre>JWT token: {{ token || 'no token present, are you logged in?' }}</pre>
+    <pre>Refresh token: {{ refreshToken || 'N/A' }}</pre>
 
     <form @submit.prevent="signIn({ username, password })">
       <input v-model="username" type="text" placeholder="Username" data-testid="username">
