Nuxt Authentication

Lessons

1. Introduction

3:57

2. The Authentication Flow

5:13

3. Server-Side Routes

15:06

4. Client-Side Pages

10:02

5. Handling Invalid Session

6. CSRF

7. Stateful vs Stateless

Notify me when new lessons are available.

Server-Side Routes

When it comes to authentication, the server-side setup is crucial. For single-page apps, we need a set of API routes to interact with the session.

Generally, we need three routes:

  • A /api/signup route to create a user account
  • A /api/login route to create a session for a user account
  • A /api/logout route to delete the session

Most importantly, we need a global way to filter all requests so that only authenticated users can access private routes. This will be implemented as a server middleware in Nuxt.js.

Nuxt-auth-utils already includes a route for logging out that we can extend, along with a built-in route f