Errors and Warnings
This is a list of errors & warnings that nuxt-auth throws, what each of them means and how you can resolve them.
AUTH_NO_SECRET
AUTH_NO_SECRET will appear as a warning message during development and be thrown as an error that stops the application during production. It is safe to ignore the development warning - it is only meant as a heads-up for your later production-deployment. AUTH_NO_SECRET occurs when no secret was set inside the NuxtAuthHandler:
// file: ~/server/api/auth/[...].tsimport { NuxtAuthHandler } from '#auth'export default NuxtAuthHandler({ secret: 'my-superb-secret' // <--- !!!! THIS IS WHAT'S MISSING // ... rest of your config})The secret is important to encode the cookies / tokens of your app-users. It is mandatory for production and should be something random, long and secret that only you and priviledged personnal knows about. In development it can be omitted and will be replaced with a fake-value. To be clear: This fake value is insecure and should never be used in production.
AUTH_NO_ORIGIN
AUTH_NO_ORIGIN will appear as a warning message during development and be thrown as an error that stops the application during production. It is safe to ignore the development warning - it is only meant as a heads-up for your later production-deployment. AUTH_NO_ORIGIN occurs when the origin of your application was not set. nuxt-auth tries to find the origin of your application in the following order:
- Use the
AUTH_ORIGINenvironment variable if it is set, - Use the
auth: { origin: 'https://your-cool-origin.com' }config-value from thenuxt.config.tsif it is set, - Development only: Determine the origin automatically from the incoming HTTP request
The origin is important for callbacks that happen to a specific origin for oauth flows. Note that in order for (2) to work the origin already has to be set at build-time, i.e., when you run npm run build or npm run generate and it will lead to the origin being inside your app-bundle.