setUserToken

[dgwight]

After registration and reseting a password, my api returns an auth token and which I would like to use to set the current user.

To do this currently, I was using code that looks like this:

const token = `Bearer ${data.access_token}`

this.$auth.setToken(this.$store.state.auth.strategy, token)
this.$auth.strategy._setToken(token)
return this.$auth.fetchUser()

I believe this is a common use case, so this pr adds a function $auth.setUserToken(token) to correctly set the user with an auth code. The function setToken does not set the Authorization header, so it doesn't handle this use case very well.

Thanks!

[GMounir]

Thank you i was look for solution like this...

[farnabaz]

@dgwight Thank you for your great pull request
I think we must implement the same functionality in the oauth2 scheme

[ruudboon]

Great. Hopefully this will be released soon

[pi0]

This PR has been published in v4.6.0

[itsrachelfish]

@dgwight Why does calling setUserToken always force a redirect to the home page, even when watchLoggedIn and redirect are both set to false in my nuxt config?

I had to use setToken instead of setUserToken to get around this problem.

[maybeanerd]

I didn't open an extra issue because I feel this is still part of the PR.
I think I found what is also the source of above-mentioned issue. Not sure if the "solution" keeps other things from breaking though.
In line 59 of "local.js" we use await this._logoutLocally() in the beginning of "setUserToken()"
This logs the user out, resulting in above-mentioned issues as well as (if we keep watchLoggedIn ON ) to some unexpected logout but instantly logged in wonkiness when using refresh tokens (custom ones, because this module hasn't released them, but they use the default local scheme)

The solution for me was to simply comment out the line mentioned above. Since the setUserToken overwrites the token anyways it made no difference.
Is that line really needed then? Don't know the entire codebase enough to determine if it is.
At first glance, it seems just "lazily" copy-pasted from "login()" for the initial PR.

[dgwight]

@itsrachelfish the redirect unintended, the code for setUserToken absolutely was "lazily" copy-pasted from "login()" for the initial PR.

@T0TProduction could you push up a fix with that line removed?

[maybeanerd]

@dgwight ^ opened a PR but I guess it will take some time until someone reviews it.

[pi0]

Released with v4.9.0.