chore: update docs for 0.9.0

README.md

@@ -64,8 +64,7 @@ Then visit the [Quick Start documentation](https://auth.sidebase.io/guide/gettin
 
 `@sidebase/nuxt-auth` is a library with the goal of supporting authentication for any universal Nuxt 3 application. At the moment three providers are supported:
 - [`authjs`](https://auth.sidebase.io/guide/authjs/quick-start): for non-static apps that want to use [Auth.js / NextAuth.js](https://github.com/nextauthjs/next-auth) to offer the reliability & convenience of a 23k star library to the Nuxt 3 ecosystem with a native developer experience (DX)
-- [`local`](https://auth.sidebase.io/guide/local/quick-start): for static pages that rely on an external backend with a credential flow for authentication.
-- [`refresh`](https://auth.sidebase.io/guide/local/quick-start#refresh-token): for static pages that rely on an external backend with a credential flow and refresh tokens for authentication.
+- [`local`](https://auth.sidebase.io/guide/local/quick-start): for static pages that rely on an external backend with a credential flow for authentication. The Local Provider also supports refresh tokens since `v0.9.0`. Read more [here](https://auth.sidebase.io/upgrade/version-0.9.0).
 
 You can find a full list of our features, as well as which provider supports each feature [on our docs](https://auth.sidebase.io/guide/getting-started/choose-provider).
 
@@ -142,7 +141,6 @@ This module also has it's own playground:
 We have one playground per provider:
 - [`authjs`](./playground-authjs)
 - [`local`](./playground-local)
-- [`refresh`](./playground-refresh)
 
 ##### How to test static Nuxt 3 apps?
 

docs/.vitepress/routes/navbar.ts

@@ -13,7 +13,7 @@ export const routes: DefaultTheme.Config['nav'] = [
         link: '/guide/authjs/quick-start',
       },
       {
-        text: 'Local / Refresh guide',
+        text: 'Local guide',
         link: '/guide/local/quick-start',
       },
     ],
@@ -25,6 +25,10 @@ export const routes: DefaultTheme.Config['nav'] = [
         text: 'Overview',
         link: '/resources/overview',
       },
+      {
+        text: 'Upgrade Guides',
+        link: '/upgrade',
+      },
       {
         text: 'Recipes',
         link: '/recipes/introduction/welcome',
@@ -40,8 +44,12 @@ export const routes: DefaultTheme.Config['nav'] = [
     ],
   },
   {
-    text: '0.8.0',
+    text: '0.9.0',
     items: [
+      {
+        text: '0.8.2',
+        link: 'https://github.com/sidebase/nuxt-auth/tree/0.8.2/docs',
+      },
       {
         text: '0.7.2',
         link: 'https://github.com/sidebase/nuxt-auth/tree/0.7.2/docs/content',

docs/.vitepress/routes/sidebar/guide.ts

@@ -69,7 +69,7 @@ export const routes: DefaultTheme.SidebarItem[] = [
     ],
   },
   {
-    text: 'Local / Refresh Provider',
+    text: 'Local Provider',
     base: '/guide/local',
     items: [
       {

docs/.vitepress/routes/sidebar/index.ts

@@ -2,8 +2,10 @@ import type { DefaultTheme } from 'vitepress'
 
 import { routes as guideRoutes } from './guide'
 import { routes as recipesRoutes } from './recipes'
+import { routes as upgradeRoutes } from './upgrade'
 
 export const routes: DefaultTheme.Config['sidebar'] = {
   '/guide': guideRoutes,
-  '/recipes': recipesRoutes
+  '/recipes': recipesRoutes,
+  '/upgrade': upgradeRoutes
 }

docs/.vitepress/routes/sidebar/upgrade.ts

@@ -0,0 +1,18 @@
+import type { DefaultTheme } from 'vitepress'
+
+export const routes: DefaultTheme.SidebarItem[] = [
+  {
+    text: 'Versions',
+    base: '/upgrade',
+    items: [
+      {
+        text: 'Version 0.9.0',
+        link: '/version-0.9.0'
+      },
+      {
+        text: 'Version 0.8.0',
+        link: '/version-0.8.0'
+      }
+    ],
+  },
+]

docs/.vitepress/theme/components/Layout.vue

@@ -8,10 +8,10 @@ const { Layout } = DefaultTheme
 // Banner Configuration
 const bannerConfig = {
   // Leave text empty to disable the banner
-  text: '✨ NuxtAuth v0.8.0 has been released! ✨',
+  text: '🚀 NuxtAuth v0.9.0 has been released!',
   button: {
-    href: 'https://github.com/sidebase/nuxt-auth/releases/tag/0.8.0',
-    text: 'View release notes',
+    href: '/upgrade/version-0.9.0',
+    text: 'View upgrade guide',
   },
 }
 </script>

docs/guide/advanced/deployment/self-hosted.md

@@ -30,17 +30,17 @@ We recommend setting the `NUXT_AUTH_ORIGIN` during runtime and leaving the `base
 
 In addition to verifying that the origin is correctly set, also ensure that you have a secure [`secret` set in the NuxtAuthHandler](/guide/authjs/nuxt-auth-handler#secret).
 
-## Local / Refresh Provider
+## Local Provider
 
-When deploying a Local or Refresh -provider based app, you will only need to set the correct `baseURL` to your authentication backend.
+When deploying a Local provider based app, you will only need to set the correct `baseURL` to your authentication backend.
 
 This path can either be:
 
 - **Relative**: Pointing at a path inside your own application (e.g. `/api/auth`)
 - **Absolute**: Pointing at a path inside an external application (e.g. `https://my-auth-backend/api`)
 
 :::warning
-For the `local` and `refresh` providers, this value will need to be set at build time. This is required to support static applications.
+For the `local` provider, this value will need to be set at build time. This is required to support static applications.
 
 For this, ensure that you either directly set the `baseURL` inside the `nuxt.config.ts`, or provide a build-time environment variable that overwrites the value inside the `nuxt.config.ts`.
 :::

docs/guide/application-side/configuration.md

@@ -62,7 +62,7 @@ The full url at which the app will run combined with the path to authentication.
 - **port**: _empty_ (implies `:80` for http and `:443` for https), :3000, :8888
 - **path**: the path that directs to the location of your `NuxtAuthHandler` e.g. `/api/auth`
 
-### `local` and `refresh` Providers
+### `local` Provider
 
 Defaults to `/api/auth` for both development and production. Setting this is optional, if you set it you can set it to either:
 - just a path: Will lead to `nuxt-auth` using `baseURL` as a relative path appended to the origin you deploy to. Example: `/backend/auth`
@@ -74,12 +74,12 @@ If you point to a different origin than the one you deploy to you likely have to
 
 ## `provider`
 
-- **Type**: `ProviderAuthjs | ProviderLocal | ProviderRefresh`
+- **Type**: `ProviderAuthjs | ProviderLocal`
 - **Default**: `undefined`
 
 Configuration of the authentication provider. Different providers are supported:
 - AuthJS: See [configuration options here](/guide/authjs/quick-start#configuration)
-- Local / Refresh: See [configuration options here](/guide/local/quick-start)
+- Local: See [configuration options here](/guide/local/quick-start)
 
 ## `sessionRefresh`
 

docs/guide/application-side/session-access.md

@@ -27,25 +27,12 @@ const {
   data,
   lastRefreshedAt,
   token,
-  getSession,
-  signUp,
-  signIn,
-  signOut
-} = useAuth()
-```
-
-```ts [refresh]
-const {
-  status,
-  data,
-  lastRefreshedAt,
-  token,
+  refreshToken,
   getSession,
   signUp,
   signIn,
   signOut,
-  refresh,
-  refreshToken
+  refresh
 } = useAuth()
 ```
 
@@ -86,7 +73,7 @@ const { data } = useAuth()
 </template>
 ```
 
-### `token`
+### `token` <Badge type="warning">local only</Badge>
 
 The fetched token that can be used to authenticate further requests. This could be e.g. a JWT-Bearer token.
 
@@ -103,15 +90,15 @@ function useAPI() {
 }
 ```
 
-:::warning Local / Refresh Only
-`token` is only avalible for the refresh and local providers!
+:::warning Local Only
+`token` is only avalible for the local provider!
 :::
 
 ### `lastRefreshedAt`
 
 Time at which the session was last refreshed, either `undefined` if no refresh was attempted or a `Date` of the time the refresh happened.
 
-### `getCsrfToken`
+### `getCsrfToken` <Badge type="warning">authjs only</Badge>
 
 Returns the current Cross Site Request Forgery Token (CSRF Token) required to make POST requests (e.g. for signing in and signing out).
 
@@ -121,7 +108,7 @@ You likely only need to use this if you are not using the built-in `signIn()` an
 `getCsrfToken` is only avalible for the authjs provider!
 :::
 
-### `getProviders`
+### `getProviders` <Badge type="warning">authjs only</Badge>
 
 Get a list of all the configured OAuth providers. Useful for creating a [custom login page](/guide/authjs/custom-pages#sign-in-page). Returns an array of `Provider`.
 
@@ -158,7 +145,7 @@ const { getSession } = useAuth()
 </template>
 ```
 
-### `signUp`
+### `signUp` <Badge type="warning">local only</Badge>
 
 ```ts
 // `credentials` are the credentials your sign-up endpoint expects,
@@ -184,8 +171,8 @@ await signUp(credentials, undefined, { preventLoginFlow: true })
 You can also pass the `callbackUrl` option to redirect a user to a certain page, after they completed the action. This can be useful when a user attempts to open a page (`/protected`) but has to go through external authentication (e.g., via their google account) first.
 :::
 
-:::warning Local / Refresh Only
-`signUp` is only avalible for the refresh and local providers!
+:::warning Local Only
+`signUp` is only avalible for the local provider!
 :::
 
 ### `signIn`
@@ -257,12 +244,12 @@ const { signOut } = useAuth()
 You can also pass the `callbackUrl` option to redirect a user to a certain page, after they completed the action. This can be useful when a user attempts to open a page (`/protected`) but has to go through external authentication (e.g., via their google account) first.
 :::
 
-### `refreshToken`
+### `refreshToken` <Badge type="warning">local only</Badge>
 
 The fetched refreshToken that can be used to obtain a new access token . E.g. a refreshToken looks like this: `eyDFSJKLDAJ0-3249PPRFK3P5234SDFL;AFKJlkjdsjd.dsjlajhasdji89034`
 
-:::warning Refresh Only
-`refreshToken` is only avalible for the refresh provider!
+:::warning Local Only
+`refreshToken` is only avalible for the local provider!
 :::
 
 ### `refresh`
@@ -297,43 +284,6 @@ lastRefreshedAt.value
 ```
 
 ```ts [local]
-const {
-  status,
-  loading,
-  data,
-  lastRefreshedAt,
-  token,
-  rawToken,
-  setToken,
-  clearToken
-} = useAuthState()
-
-// Session status, either `unauthenticated`, `loading`, `authenticated`
-status.value
-
-// Whether any http request is still pending
-loading.value
-
-// Session data, either `undefined` (= authentication not attempted), `null` (= user unauthenticated), or session / user data your `getSession`-endpoint returns
-data.value
-
-// Time at which the session was last refreshed, either `undefined` if no refresh was attempted or a `Date` of the time the refresh happened
-lastRefreshedAt.value
-
-// The fetched token that can be used to authenticate future requests. E.g., a JWT-Bearer token like so: `Bearer eyDFSJKLDAJ0-3249PPRFK3P5234SDFL;AFKJlkjdsjd.dsjlajhasdji89034`
-token.value
-
-// Cookie that containes the raw fetched token string. This token won't contain any modification or prefixes like `Bearer` or any other.
-rawToken.value
-
-// Helper method to quickly set a new token (alias for rawToken.value = 'xxx')
-setToken('new token')
-
-// Helper method to quickly delete the token cookie (alias for rawToken.value = null)
-clearToken()
-```
-
-```ts [refresh]
 const {
   status,
   loading,
@@ -362,24 +312,18 @@ lastRefreshedAt.value
 // The fetched token that can be used to authenticate future requests. E.g., a JWT-Bearer token like so: `Bearer eyDFSJKLDAJ0-3249PPRFK3P5234SDFL;AFKJlkjdsjd.dsjlajhasdji89034`
 token.value
 
-// The fetched refreshToken that can be used to refresh the Token with  refresh() methode.
-refreshToken.value
-
 // Cookie that containes the raw fetched token string. This token won't contain any modification or prefixes like `Bearer` or any other.
 rawToken.value
 
-// Cookie that containes the raw fetched refreshToken string.
-rawRefreshToken.value
-
 // Helper method to quickly set a new token (alias for rawToken.value = 'xxx')
 setToken('new token')
 
-// Helper method to quickly delete the token and refresh Token cookie (alias for rawToken.value = null and rawRefreshToken.value = null)
+// Helper method to quickly delete the token cookie (alias for rawToken.value = null)
 clearToken()
 ```
 :::
 
-:::warning Local and refresh providers:
+:::warning Local provider:
 Note that you will have to manually call getSession from useAuth composable in order to refresh the new user state when using setToken, clearToken or manually updating rawToken.value:
 :::
 

docs/guide/getting-started/choose-provider.md

@@ -6,33 +6,36 @@ aside: false
 
 To pick a provider you will first have to take into consideration the requirements of your use-case. In general one can say that picking:
 
-- `authjs` is best suited for plug-and-play OAuth for established oauth-providers or magic-url based sign-ins
-- `local` is best when you already have a backend that accepts username + password as a login or want to build a static application
-- `refresh` if you would need to extend the functionality of the `local` provider, with a refresh token
+- `authjs` is best suited for plug-and-play OAuth for established oauth-providers or magic-url based sign-ins.
+- `local` is best when you already have a backend that accepts username + password as a login or want to build a static application. The Local Provider also supports refresh tokens since `v0.9.0`.
+
+:::warning Breaking change
+In `v0.9.0` the `refresh` provider was integrated into the `local` provider. Read the [upgrade guide](/upgrade/version-0.9.0).
+:::
 
 If you are still unsure, below are some tables to help you pick:
 
 ### Authentication Methods
 
-|                                                               |                               authjs   | local    | refresh
-|-----------------------------------------------------------    |-------------------------------------:  |-------:  | ------:
-| OAuth                                                         |                    ✅ (>50 providers)  |     ❌    | ❌
-| Magic URLs                                                    |                                    ✅  |     ❌    | ❌
-| Credentials / Username + Password flow                        | 🚧 (if possible: use `local` instead)  |     ✅    | ✅
-| Refresh tokens                                                |                                    ✅  |     ❌    | ✅
+|                                                               |                      authjs provider   | local provider
+|-----------------------------------------------------------    |-------------------------------------:  |---------------:
+| OAuth                                                         |                    ✅ (>50 providers)  |     ❌
+| Magic URLs                                                    |                                    ✅  |     ❌
+| Credentials / Username + Password flow                        | 🚧 (if possible: use `local` instead)  |     ✅
+| Refresh tokens                                                |                                    ✅  |     ✅
 
 ### Features
 
-|                                                               |                                authjs  | local  | refresh
-|-----------------------------------------------------------    |-------------------------------------:  |------: | ------:
-| [`useAuth`-composable](/guide/application-side/session-access) to sign in/out, refresh a session, etc.                                                                | ✅                                  | ✅     | ✅
-| Session-management: auto-refresh, refresh on refocus, ...         | ✅                                  | ✅     | ✅
-| Static apps ("nuxi generate")                                      | ❌                                 | ✅     | ✅
-| [Guest mode](/guide/application-side/protecting-pages#guest-mode) | ✅                                  | ✅     | ✅
-| [App-side middleware](/guide/application-side/protecting-pages)   | ✅                                  | ✅     | ✅
-| [Server-side middleware](/guide/authjs/server-side/session-access#endpoint-protection)                                      | ✅                                  | ❌      | ❌
-| Pre-made login-page                                               | ✅ (impacts bundle-size)            | ❌      | ❌
-| Database-adapters, server-side callback-hooks                     | ✅                                  | ❌      | ❌
+|                                                               |                       authjs provider  | local provider
+|-----------------------------------------------------------    |-------------------------------------:  |------:
+| [`useAuth`-composable](/guide/application-side/session-access) to sign in/out, refresh a session, etc.                                                                | ✅                                  | ✅
+| Session-management: auto-refresh, refresh on refocus, ...         | ✅                                  | ✅
+| Static apps ("nuxi generate")                                      | ❌                                 | ✅
+| [Guest mode](/guide/application-side/protecting-pages#guest-mode) | ✅                                  | ✅
+| [App-side middleware](/guide/application-side/protecting-pages)   | ✅                                  | ✅
+| [Server-side middleware](/guide/authjs/server-side/session-access#endpoint-protection)                                      | ✅                                  | ❌
+| Pre-made login-page                                               | ✅ (impacts bundle-size)            | ❌
+| Database-adapters, server-side callback-hooks                     | ✅                                  | ❌
 
 ::: tip Still unsure what is best for you?
 Join our [Discord](https://discord.gg/VzABbVsqAc) and share your use case!